1 posts categorized "javascript"


WebSEAL: Cheap and Easy Way to Rewrite HTTP to HTTPS

One common, but minor, bit of frustration after setting an SSL Quality-of-Protection (QOP) ACL on a webseal junction is that it is not second-nature for an end-user to enter 'https' in the browser bar. Our brains still default to http but once you set that QOP level on your junction, accessing it over an unencrypted link results in one of those relatively generic-looking, default WebSEAL error pages suggesting you re-try using HTTPS instead.

Well, for those of you looking to suppress that error and automatically redirect the browser to an encrypted channel instead, all you need to do is modify the custom error page for WebSEAL and enter some simple javascript that will redirect http to https.

Each webseal instance ships with it's own set of custom error pages, which are typically located in /opt/pdweb//lib/errors/C. The page in question that you'll want to back up and then edit is 38cf0434.html. Replace the head and body with the following:
<html><head><title>Error 403.4</title>

<meta name="robots" content="noindex">
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"></head>


<script language="JavaScript">
var href = self.location.href;
var originalURL = href.substring(7,href.length);
self.location = 'https://' + originalURL;


This is pretty standard javascript that redirects requests to use https without modifying any other part of the original URL. Give it a try or post something in the comments if you've got something even cooler than this.