I think what you are doing doesn't make much sense.
Let's break down redirects for two cases:
- GET request
- Carries all the information in the URL. You could redirect this request easily, but there is no point in doing that. Why? Because whoever was sniffing your traffic has already sniffed the data. Transfering the same data again over HTTPS just gives the attacker lots of clear text to try "known plaintext" attacks against your secret key.
- POST request
- POST request does not carry the data in the URL, that data is posted separately, once the connection is established. However, handling of redirected POST requests is extremely browser dependant.
In addition, if your form is directed to a HTTP address, the people filling out the form won't see the little "safe-data" lock in the corner of their browser window, even thought their data might be safe.
In short, if you control the forms enough that you could switch them from GET to POST, you control them enough to change the address to https. And if you find a way to implement what you're planing, it won't do you any good.
Except that you will learn something of mod_perl - that may or may not make it worth it to you.
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link or
or How to display code and escape characters
are good places to start.
|
