HTTPS到HTTPS重定向会话问题 [英] HTTPS to HTTPS redirect session issue

问题描述

我有一个网站（建立在LAMP（cakephp）上并安装了SSL证书），其中有一个安全的付款页面。在填写必要的信息后，用户进入支付网关页面。在网关端的所有过程之后，网关重定向到我的一个URL，我必须提及一个付款请求。
现在当我保持此URL，因为http重定向正常进行，所有会话都维护。但是我想将此页面设置为https，当支付网关重定向到该网址的https版本时，我的会话信息会丢失，我会重定向到我的主页。

例如：我的付款页面
https://www.mysite.com/payment

从这里用户转到付款网关网站，必要的事情和付款网关重定向到

http://www.mysite.com/paymentResponse （此网址必须在请求中提及）

现在我必须使用HTTPS，但是当我这样做时，我的会话信息会消失

Plz帮助我

感谢，
Dinesh

解决方案

为什么它应该适用于纯HTTP请求，但问题可能与配置:: write（'Security.level'）设置为 或或高，这会激活PHP的 session.referer_check 在从外部网站重定向时会为您折服。

I have a site (built on LAMP (cakephp) and has ssl certificate installed) which has a secure payment page. After filling up necessary information user proceeds to a payment gateway page. After all the process at the gateway end, gateway redirects to one of my URL, which I have to mention with a payment request. Now when I keep this url as http redirect happens properly and all the sessions are maintained. But I want to make this page as https, and when the payment gateway redirects to the https version of the URL, my session information dies and I get redirected to my home page.

eg: my payment page https://www.mysite.com/payment

from here user goes to the payment gateway site, does necessary things and payment gateway redirects it to

http://www.mysite.com/paymentResponse (this url i have to mention in the request)

now i have to make this as HTTPS, but when I do that my session info dies

Plz help me

Thanks, Dinesh

解决方案

I don't know why it supposedly works for plain HTTP requests, but the problem may be related to Configure::write('Security.level') being set to medium or high, which activates PHP's session.referer_check, which may be the reason sessions are dying for you when being redirected from external sites.

这篇关于HTTPS到HTTPS重定向会话问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！