> I have not used google analytics, so I don't know. In theory, it
> could/should still work. The original client ip is, afaik, included in
> the http header "X-Forwarded-For".
> It's pretty much as if the user uses a proxy server (i.e. a forward
> proxy, not a reverse proxy) - how does google anal
I have not used google analytics, so I don't know. In theory, it
could/should still work. The original client ip is, afaik, included in
the http header "X-Forwarded-For".
It's pretty much as if the user uses a proxy server (i.e. a forward
proxy, not a reverse proxy) - how does google analytics dea
> Talking about apache: including external content on https sites via
> http can in many cases be done without triggering warnings, by making
> a directory on your https server a reverse proxy using mod_proxy.
If this is done to fire a hit in google analytics, wouldn't google report the
ip addres
On Mon, 19 Jun 2006 16:41:25 -0400, Lutz Hühnken""
<[EMAIL PROTECTED]> wrote:
Why would you not want to use an external mechanism? Is it not rather
a feature of the framework to be "SSL agnostic"? I think more often
than not people would keep, for example, security and access right
aspects out
What I don't understand: in an earlier posting you wrote:
On 5/29/06, Josip Gracin <[EMAIL PROTECTED]> wrote:
[...]
scheme, but relying only on Tapestry mechanisms, i.e. not using Tomcat etc.?
[...]
Why would you not want to use an external mechanism? Is it not rather
a feature of the framewor
Kevin Menard wrote:
What we (or at least I) want is to deal with this at the page class
level. The idea would be a page class can either be marked as secure or
not and the framework would then take care of rewriting URLs with the
appropriate scheme. Such a system would allow for a nice hierar
On Mon, 19 Jun 2006 10:43:07 -0400, Giampaolo Tomassoni
<[EMAIL PROTECTED]> wrote:
Nah! Search engine don't access https and lazily browsing a site
wouldn't require an https link as well. Nobody would advocate http
support. But, again, when you enter an https there is a reason (a login
o
> > Switching back to http was an old habit: five years ago, when internet
> > bandwidth were really narrow and cpu power wasn't that high, it could
> > have made a difference. Today these are not anymore issues. I
> would try
> > to stress this fact and the security issues the http/https mi
On Mon, 19 Jun 2006 10:30:38 -0400, Jesse Kuhnert <[EMAIL PROTECTED]>
wrote:
Hard for me to have an opinion, but if there is a jira issue open for it
I
will try to remember to fix what inflexibility is being created with the
current system.
I'm stretching my brain a bit here, but I think w
Hard for me to have an opinion, but if there is a jira issue open for it I
will try to remember to fix what inflexibility is being created with the
current system.
On 6/19/06, Kevin Menard <[EMAIL PROTECTED]> wrote:
On Sun, 18 Jun 2006 12:41:43 -0400, Giampaolo Tomassoni
<[EMAIL PROTECTED]> wro
On Sun, 18 Jun 2006 12:41:43 -0400, Giampaolo Tomassoni
<[EMAIL PROTECTED]> wrote:
I'm really getting pissed about this (and feeling more and more stupid
after each new failed attempt). Especially since the constraint to mix
HTTP and HTTPS pages has been forced upon me with the explanation th
Giampaolo Tomassoni wrote:
You may develop a filter to be put on top of the tapestry servlet,
I'll check it out. Thanks for your time, I appreciate it!
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-ma
> Hello again!
>
> After trying out the suggestion to use in web.xml
> (thanks Giampaolo!) I've figured out that it doesn't exactly solve my
> problem. The problem is that I need to redirect to HTTPS for login and
> some other subset of pages, and then after login, redirect back to HTTP.
> By
13 matches
Mail list logo
