The Artima Developer Community
Articles | News | Weblogs | Books | Forums
Artima Forums | Articles | Weblogs | Java Answers | News
Sponsored Link

Ruby Buzz Forum
IE is braindead! (Wild card certs and https redirects)

0 replies on 1 page.

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 0 replies on 1 page
Guy Naor

Posts: 104
Nickname: familyguy
Registered: Mar, 2006

Guy Naor is one of the founders of famundo.com and a long time developer
IE is braindead! (Wild card certs and https redirects) Posted: Apr 2, 2007 3:06 PM
Reply to this message Reply

This post originated from an RSS feed registered with Ruby Buzz by Guy Naor.
Original Post: IE is braindead! (Wild card certs and https redirects)
Feed Title: Famundo - The Dev Blog
Feed URL: http://devblog.famundo.com/xml/rss/feed.xml
Feed Description: A blog describing the development and related technologies involved in creating famundo.com - a family management sytem written using Ruby On Rails and postgres 		Latest Ruby Buzz Posts
Latest Ruby Buzz Posts by Guy Naor
Latest Posts From Famundo - The Dev Blog

Advertisement

Sometimes I'm really amazed at the degree of brain-deadness in IE. And I have no doubts about recommending Firefox to everyone I talk to. "Nothing new here, what prompted your post?" you might ask.

We just released some small changes to Famundo to prevent IE from showing warnings for mixed http/https content. We use assets servers, but IE show warnings if the assets are served over http while the main content over https, so we switched to serving the assets over https if working with https pages.

But a new kind of warning hit us when we did the switch. Now IE would complain that our asset servers don't match the certificate. We have a wildcard certificate for *.famundo.com. It worked fine until now, but when we made the asset servers appear as: 1.app.famundo.com, 2.app.famundo.com, etc., IE said the certificate doesn't match the site. Needless to say Firefox didn't complain at all. The solution to this problem was changing the assets urls to 1.famundo.com, 2.famundo.com, etc. Now all browsers are happy.

Then, a different problem came up. When redirecting from the secure login page to the non-secure regular pages, IE would show a warning, and not even let you check it. Apparently this is a known issue. So we had to change the redirections we were using to trick IE by using reload meta command. Please note that returning a 400 status as described in the link above, doesn't work. Just return a regular 200 status and it works. In Rails we changed it from:

redirect_to("http://" + request.host + request.request_uri)

to:

render(:text => %Q[<meta http-equiv="refresh" content="0;url=http://#{request.host}/#{request.request_uri}">])

I hope this help someone else with similar problems. And do yourself and the web a favor - switch to Firefox!

Read: IE is braindead! (Wild card certs and https redirects)

Topic: OS X Annoyances Previous Topic   Next Topic Topic: Creating secure login code in Ruby on Rails
Sponsored Links


Google
  Web Artima.com   

Copyright © 1996-2019 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use