Dan,
First, thanks for your work on this. I was one of the "wishers" for this
plugin, and much appreciate this effort.
> because I had a need to scratch, I've written a module that checks that
> designated run modes are invoked under SSL. I figure I should modify it
> to meet the requirements for CGI::Application::Plugin::RequireSSL, as
> requested at http://cgiapp.erlbaum.net/index.cgi?PluginsWanted, but I
> have a few questions about these requirements:
>
> * If the param 'require_ssl' is present in the instance script,
> everything accessed through it will be protected.
> * If the subroutine attribute 'RequireSSL' is used, an individual
> runmode will be protected.
> * If the param 'rewrite_to_ssl' is present, any run modes that are
> labeled as 'RequireSSL' (or all run modes if the param
> 'require_ssl' is present) that are accessed as non-SSL will be
> redirected to the same run mode but as HTTPS.
>
> I'm not sure I understand what is meant by "protected." Does this mean
> an error is raised if standard HTTP is used when HTTPS is required?
Some will want an error, others will want an auto-redirect. The smart
default seems to be to redirect if you can, throw an error if you
can't.
> In the cases where a request is "rewritten," what do we keep in the
> redirect? I assume all query parameters if the method is "GET," but an
> error is raised if "POST" is used.
>
> In my case, I'd like to be able to turn the SSL checks on or off based
> on a flag in my app's config file. This is because the team members all
> have personal name-based virtual hosts, and SSL isn't supported in their
> environments, although it is in the test, staging and prod envs, where
> we could turn the checks on. Is such a flag something others would find
> useful?
Definitely. Sometimes development environments don't have SSL, and it
can be a pain to get set up. The question is, how do we communicate that
to users when they see "RequireSSL" on a run mode, and assume it will
"just work"?

Maybe we don't do anything, and expect people to check the flag. Maybe
we always warn to log: "RequireSSL plugin used but not enabled". That
could be annoying for a project that works in SSL and non-SSL production
environments. I'm OK with having a silent-disable flag.

I think to make it really clear, we'd have to use an alternate design
which centralized all the RequireSSL declarations in one place, like the
run_modes() definitions. Then these could be clearly conditionally
enabled or disabled.

I'd proceed with the design you have now and we can see how well it
works in practice.

Thanks again!
Mark
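
The policy discussed in this thread (redirect a GET with its query parameters, raise an error for a POST, and allow a config flag to switch the check off), written out as an added example that is not part of the original messages and is not the plugin's code. The function name `ssl_decision`, the options `enabled` and `ssl_host`, the 403 status and the sample requests are assumptions.

```perl
use strict;
use warnings;

# Hypothetical helper, not the plugin's API. $req holds CGI environment
# values; %opt holds settings an application would read from its config.
sub ssl_decision {
    my ($req, %opt) = @_;

    # Silent-disable flag for environments without SSL (e.g. developer vhosts).
    return { action => 'allow' } unless $opt{enabled};

    # CGI servers set HTTPS=on for requests that arrived over SSL.
    return { action => 'allow' } if lc($req->{HTTPS} // '') eq 'on';

    # Only a GET can be replayed by a redirect with its parameters intact;
    # a POST body is not carried over, so that case is an error.
    my $method = uc($req->{REQUEST_METHOD} // 'GET');
    return { action => 'error', status => 403, reason => "SSL required for $method" }
        unless $method eq 'GET';

    # Assumption: the HTTPS host comes from config, not from the request.
    my $host = $opt{ssl_host} // '';
    return { action => 'error', status => 403, reason => 'no ssl_host configured' }
        unless $host =~ /\A[A-Za-z0-9.-]+(?::\d+)?\z/;

    my $path  = ($req->{SCRIPT_NAME} // '') . ($req->{PATH_INFO} // '');
    my $query = $req->{QUERY_STRING} // '';
    # Refuse anything that could split the Location header.
    return { action => 'error', status => 403, reason => 'bad characters in URL' }
        if "$path$query" =~ /[\r\n]/;

    my $url = "https://$host$path";
    $url .= "?$query" if length $query;
    return { action => 'redirect', status => 302, location => $url };
}

# Constructed sample requests.
my @cases = (
    [ 'GET over HTTP',  { REQUEST_METHOD => 'GET',  SCRIPT_NAME => '/app.cgi', QUERY_STRING => 'rm=login&next=home' } ],
    [ 'POST over HTTP', { REQUEST_METHOD => 'POST', SCRIPT_NAME => '/app.cgi' } ],
    [ 'GET over HTTPS', { REQUEST_METHOD => 'GET',  SCRIPT_NAME => '/app.cgi', HTTPS => 'on' } ],
);
for my $c (@cases) {
    my $d = ssl_decision($c->[1], enabled => 1, ssl_host => 'www.example.com');
    printf "%-15s -> %s %s\n", $c->[0], $d->{action}, $d->{location} // $d->{reason} // '';
}
```

Calling it with `enabled => 0` returns `allow` for every request, which is the silent-disable behaviour described above.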