dptt66700 2015-04-06 22:19
浏览 159
已采纳

禁用某些包含来自外部网站的不安全内容的页面的SSL

I would like to disable SSL for certain pages which contain external content (iframes) coming from non-secure external sources. I need to disable SSL only on the pages which have insecure (iframes) content from the external websites don't use https.

This is my server environment,

Centos 6, PHP, Apache, Mysql,

Regards

  • 写回答

1条回答 默认 最新

  • dousuochu7291 2015-04-07 12:21
    关注

    The problem has been solved by putting two lines of code into the header. The solution is a bit case specific but can inspire those who have similar issues. In my case I already know what the insecure content is (iframe from non-ssl external sites). And pages contain iframes are already satated in the DB. The following code helped me by disabling https where the page has iframe content.

    redirection occurs if filetype='code' in the db.

    <?php 
    if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') {
        if ($row2['filetype'] == 'code') {
            header('Location: http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
            exit;
        }
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?