HTTPS到HTTPS重定向会话问题 [英] HTTPS to HTTPS redirect session issue
问题描述
我有一个网站(建立在LAMP(cakephp)上并安装了SSL证书),其中有一个安全的付款页面。在填写必要的信息后,用户进入支付网关页面。在网关端的所有过程之后,网关重定向到我的一个URL,我必须提及一个付款请求。
现在当我保持此URL,因为http重定向正常进行,所有会话都维护。但是我想将此页面设置为https,当支付网关重定向到该网址的https版本时,我的会话信息会丢失,我会重定向到我的主页。
例如:我的付款页面
https://www.mysite.com/payment
从这里用户转到付款网关网站,必要的事情和付款网关重定向到
http://www.mysite.com/paymentResponse (此网址必须在请求中提及)
现在我必须使用HTTPS,但是当我这样做时,我的会话信息会消失
Plz帮助我
感谢,
Dinesh
为什么它应该适用于纯HTTP请求,但问题可能与配置:: write('Security.level')
设置为 或
或
高
,这会激活PHP的 session.referer_check
在从外部网站重定向时会为您折服。
I have a site (built on LAMP (cakephp) and has ssl certificate installed) which has a secure payment page. After filling up necessary information user proceeds to a payment gateway page. After all the process at the gateway end, gateway redirects to one of my URL, which I have to mention with a payment request. Now when I keep this url as http redirect happens properly and all the sessions are maintained. But I want to make this page as https, and when the payment gateway redirects to the https version of the URL, my session information dies and I get redirected to my home page.
eg: my payment page https://www.mysite.com/payment
from here user goes to the payment gateway site, does necessary things and payment gateway redirects it to
http://www.mysite.com/paymentResponse (this url i have to mention in the request)
now i have to make this as HTTPS, but when I do that my session info dies
Plz help me
Thanks, Dinesh
I don't know why it supposedly works for plain HTTP requests, but the problem may be related to Configure::write('Security.level')
being set to medium
or high
, which activates PHP's session.referer_check
, which may be the reason sessions are dying for you when being redirected from external sites.
这篇关于HTTPS到HTTPS重定向会话问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!