iFinity

Products » Support Forums 
  Search

Support Forums

HomeHomeDotNetNuke Modu...DotNetNuke Modu...Url MasterUrl MasterRedirect from https to httpRedirect from https to http
Previous
 
Next
New Post
5/2/2008 12:30 PM
 
AJ
Valued Contributor

Joined: 4/23/2008
Posts: 34

And now we bring the discussion back to here since it was not Pageblaster related...

After installing the SSL cert, the https page returns 200 OK, but the URL is changed (rewritten?) to http.  I was hoping for a 301.. so now I need to look into this and find out what kind of redirect is going on..

I found that in DotNetNuke.HttpModules.UrlRewriteModule it actually uses this:

Response.Clear()
' add a refresh header to the response
Response.AddHeader("Refresh", "0;URL=" & strURL)
' add the clientside javascript redirection script
Response.Write("<html><head><title></title>")
Response.Write("<!-- <script language=""javascript"">window.location.replace(""" & strURL & """)</script> -->")
Response.Write("</head><body></body></html>")
' send the response
Response.End()

This is not even a redirect, it just loads the content from one page into another and returns 200 OK - its another duplicate content problem..  But, since I'm using URL master, it should be OK, right .. well no, a quick disassembly of URL master shows this...

response.Clear();
response.AddHeader("Refresh", "0;URL=" + result.FinalUrl);
response.Write("<html><head><title></title>");
response.Write("<!-- <script language=\"javascript\">window.location.replace(\"" + result.FinalUrl + "\")</script> -->");
response.Write("</head><body></body></html>");
response.End();

If https://mysite.com/page1.aspx and http://mysite.com/page1.aspx both return 200 OK, that is duplicate content.  Multiply that by every page in the site and there is a real problem.. what can I do now?

Alan
 
New Post
5/2/2008 3:43 PM
 
Bruce Chapman
Chief Poster

Joined: 3/9/2006
Posts: 3121

AJ

It's true I used the same logic as the standard DNN provider, for the simple reason is that it works.

The reason a javascript redirect is used over a 301/302 redirect is because the browser will throw up a 'security' warning if the server does the redirection from https -> http.  It's a trust/security issue.

I hadn't really thought about that side of things when you first told me of the problem.  Sorry if I sent you up a dry gully with the ssl certificate, because as you've found it's not going to solve the problem from a search engine POV.

The https->http redirection is really there just to make the application work seamlessly, not really to tell search engines that something has moved.  If you make it server-based and better for the search engines, you disadvantage the user with browser warnings.  However, in your case, the user isn't (shouldn't) be requesting the https.

Let me have a think about it - I may be able to have a configurable setting of server vs client redirection for the http->https.  In the meantime, if you figure out an alternative way (with IIS or similar) let me know.
 
New Post
5/3/2008 11:13 AM
 
AJ
Valued Contributor

Joined: 4/23/2008
Posts: 34

Hi Bruce,

By security warning, do you mean the "insecure content" warning dialog (I forget the exact wording)?

I've tried setting up the redirect in both siteurls.config and dotnetnuke.config - they did not help.

Is there any chance of a custom build that replaces the javascript with the same 301 code used elsewhere?

response.Status = "301 Moved Permanently";
response.AppendHeader("X-Redirect-Reason", result.Reason.ToString().Replace("_", " ") + " Requested");
response.AddHeader("Location", result.FinalUrl);

The site was ready to go live several days ago - until I found this showstopper SSL problem.

Alan
 
New Post
5/3/2008 2:21 PM
 
Bruce Chapman
Chief Poster

Joined: 3/9/2006
Posts: 3121

No, it is a different warning message - something like 'the website you are visiting is trying to redirect you to unsecure content, do you want to allow it?'.  The message differs by browser but they all have it.

Alan I will put an option to 301 redirect https instead of client redirect in a release for you, but I've got a very large backlog of work at the moment so you'll have to be a little patient.

If you have the client redirect working OK it shouldn't stop you launching the site - it will just be a little while before google cleans up the index with the https entries.  It will take a while for them to update the index anyway, once you do get the 301 redirects working.  Unless I'm missing something.

 
 
New Post
5/4/2008 12:52 AM
 
AJ
Valued Contributor

Joined: 4/23/2008
Posts: 34

Thanks Bruce - I've found a solution, so dont worry about it.  I do appreciate that you would make a custom build though, so thank you.

Initially I was going to use the open source urlrewriter.net, it does pretty much anything, but doesnt have any DNN specific links, so its much harder to configure.  Your module came out on the day I started this project so I grabbed it quickly :) 

What I am doing now is having urlrewriter handle any https requests, and your module handle the rest.  So far seems to work really well

Alan.
 
 Page 2 of 3
Previous123Next 
Previous
 
Next
HomeHomeDotNetNuke Modu...DotNetNuke Modu...Url MasterUrl MasterRedirect from https to httpRedirect from https to http


Support Guidelines.. Please read before posting

To get support on iFinity products and services, please search the forums for the the answer to the problem you are seeking. If you cannot find a solution, post a question in the relevant forum.   Ensure that you specify the relevant versions of the problem, and the actual error message or a detailed description of the problem.    You will need to register with this site to post on the forum.  If you have a Microsoft Live (Hotmail/Passport) account you can use that.  If you have a Open Id account you can use that.  If you neither of these, you will need to register a user Id and password.

Please note : If you are posting a new thread for the Url Master module, please include the following information where applicable:

- Url Master version

- DotNetNuke version

- Example Url where possible

- If there is an error, please post the full error text and/or stack trace (from the DotNetNuke event log).

Services

iFinity is a Microsoft Bizspark Member

All site content copyright © iFinity 2006-2011 Terms Of Use Privacy Statement