On Sun, 2009-11-01 at 17:30 -0800, sieger007@xxxxxxxxx wrote: > Hi Folks > * I am a squat on advanced Apache work. I would get a basic SSL > functionality to work. > So https://foobar.com works fine and gets me all the login windows I > designed. however currently all the images and other extensions > like .pdf are also using the https routing. > some image referred on that https link > e.g. https://foobar.com/loginhere.jpeg c > can be displayed using https but not http Don't do this. Either serve it all up through SSL or don't use SSL at all. Reason being, many browsers (particularly those from Redmond) will confuse the user with requests to load "insecure items" when they encounter <img src=http://example.com/foo.jpg> tags and suchlike. Mark. -- Mark Watts BSc RHCE MBCS Senior Systems Engineer, Managed Services Manpower www.QinetiQ.com QinetiQ - Delivering customer-focused solutions GPG Key: http://www.linux-corner.info/mwatts.gpg
Attachment:
signature.asc
Description: This is a digitally signed message part
|