You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Ben Laurie <be...@gonzo.ben.algroup.co.uk> on 1995/11/18 19:42:07 UTC
Re: another idea
>
> The netsite commerce server sets the environment variable
> "HTTPS" when someone has an SSL connection. I think it would be a good
> idea to do that for apache/ssl. (On my site both the SSL and the
> non-SSL servers serve the same document set, but I want some CGIs to
> only be run through the SSL server, so theyy can do a check for the
> existence of that environment variable.)
>
> What would be an appropriate name for the environment
> variable?
Hmm, HTTPS would seem logical. What does netsite set it to?
> And -- I'm not too familiar with how environment variables
> get passed to scripts that get run-- how do I set the variable in a
> module so that it gets passed to CGI, SSI, etc?
I looked at this a while back, but I forget the details (it was somewhat
arcane, I seem to remember). It's getting late here, but I'll take a look
tomorrow.
Cheers,
Ben.
--
Ben Laurie Phone: +44 (181) 994 6435
Freelance Consultant Fax: +44 (181) 994 6472
and Technical Director Email: ben@algroup.co.uk
A.L. Digital Ltd, URL: http://www.algroup.co.uk
London, England.
Re: another idea
Posted by Rob McCool <ro...@netscape.com>.
/*
* "Re: another idea" by Ben Laurie <be...@gonzo.ben.algroup.co.uk>
* written Sat, 18 Nov 1995 23:31:25 +0000 (GMT)
*
* Thanks for the info. Does this mean that checking for the presence
* of HTTPS, rather than the value, is erroneous?
In a Netscape server, it means the server is SSL-capable, not that the
server using it.
* Wouldn't an HTTPS_VERSION (and perhaps HTTPS_FLAVOUR) be good, too?
*/
Yes, it would. There are more variables going in with client
authentication, also. Sameer's suggestion of HTTPS_CIPHER makes sense
as well.
--Rob
Re: another idea
Posted by Rob McCool <ro...@netscape.com>.
/*
* "Re: another idea" by sameer <sa...@c2.org>
* written Sat, 18 Nov 1995 14:25:38 -0800 (PST)
*
** Hmm, HTTPS would seem logical. What does netsite set it to?
* I beleive it only sets it to yes/no or something like that.
*
*/
Close. It's "ON" or "OFF". Netsite also provides the size of the
stream key as HTTPS_KEYSIZE, and the size of the secret part of the
stream key as HTTPS_SECRETKEYSIZE. Both are integers.
--Rob