|
Posted by Jamie Alessio on 01/05/05 18:52
> Thinking of going from http to https on the server.
> Would there be any differences in my php-code from now?
>
Switching from http to https shouldn't require any big changes to your
PHP code. The PHP code itself doesn't care that it is being accessed via
a https url - your webserver takes care of all that before/after
invoking PHP.
A few things you might need to watch out for:
- If you have hard links to http://yoursite.com/page.php instead of
relative links to just "page.php" then users will be directed away from
https and to http when they follow links on the site. You probably don't
want this and it will cause browser security warnings in many cases.
Even if you have a lot of these you might be able to get around it by
using apache's mod_rewrite to redirect all http requests over to https.
- Similarly, be careful about references to external files in your final
html output. This includes images, style sheets and javascript includes.
Make all references relative so that browsers won't display an error to
the effect of "some of the content on this page is secure and some of it
isn't".
- I have used a wysiwyg html editor as a text area replacement and had
trouble with SSL warnings in IE because of <iframe> tags. Just something
to keep in mind if you're using complex third-party php/javascript
applications
(http://wysiwygpro.com/xForum/topic.asp?TOPIC_ID=69&SearchTerms=iframe).
I worked on a large code base that ran via http on my local dev server
and via https on the live server and it wasn't a problem. The PHP code
works the same regardless of whether the traffic between the web server
and the browser is encrypted or not.
- Jamie
> Thinking of going from http to https on the server. My question is: Would
> there be any differences in my php-code from now?
>
> /G
> @varupiraten.se
>
Navigation:
[Reply to this message]
|