The information you’re about to submit is not secure

Because the site is using a connection that’s not completely secure, your information will be visible to others.
  • Ensure all forms submit to a secure HTTPS endpoint.
  • Ensure there are no follow-up redirects going through HTTP.
  • 200 POST /login (HTTPS) -> redirect to /home
  • 302 GET /home (HTTP)
  • Error: `The information you’re about to submit is not secure`
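
```php
// Drupal settings.php: trust the forwarded headers sent by the reverse proxy
$settings['reverse_proxy'] = TRUE;
$settings['reverse_proxy_addresses'] = ['1.2.3.4']; // TO REPLACE with your proxy's address
$settings['reverse_proxy_trusted_headers'] = \Symfony\Component\HttpFoundation\Request::HEADER_X_FORWARDED_ALL;
```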
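
```python
# Django settings.py: treat the request as secure when the proxy sends X-Forwarded-Proto: https
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
```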
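
The redirect downgrade from the list above, reproduced as an added example (not code from the original article): a minimal WSGI backend behind a TLS-terminating proxy builds its `Location` from the scheme it sees, and a middleware that honours `X-Forwarded-Proto` only from the configured proxy address corrects it. The host `example.test`, the function names and the client address `203.0.113.9` are assumptions; `1.2.3.4` is the placeholder from the settings above.

```python
# Added example: constructed requests, no network access needed.
TRUSTED_PROXIES = {"1.2.3.4"}  # placeholder proxy address, replace with yours


def app(environ, start_response):
    """Backend login handler: redirects to an absolute /home URL."""
    # The scheme is whatever the backend saw on its own socket.
    location = f"{environ['wsgi.url_scheme']}://{environ['HTTP_HOST']}/home"
    start_response("302 Found", [("Location", location)])
    return [b""]


def trust_forwarded_proto(wrapped, trusted=TRUSTED_PROXIES):
    """Honour X-Forwarded-Proto only when the peer is a known proxy."""
    def middleware(environ, start_response):
        proto = environ.get("HTTP_X_FORWARDED_PROTO", "")
        if environ.get("REMOTE_ADDR") in trusted and proto == "https":
            environ["wsgi.url_scheme"] = "https"
        # From any other peer the header is attacker-controlled: ignore it.
        return wrapped(environ, start_response)
    return middleware


def login_redirect(handler, remote_addr, forwarded_proto=None):
    """Simulate POST /login as the backend sees it; return the Location."""
    environ = {
        "REQUEST_METHOD": "POST",
        "PATH_INFO": "/login",
        "HTTP_HOST": "example.test",   # constructed host name
        "REMOTE_ADDR": remote_addr,
        "wsgi.url_scheme": "http",     # proxy -> backend hop is plain HTTP
    }
    if forwarded_proto:
        environ["HTTP_X_FORWARDED_PROTO"] = forwarded_proto
    captured = {}
    handler(environ, lambda status, headers: captured.update(headers))
    return captured["Location"]


if __name__ == "__main__":
    fixed = trust_forwarded_proto(app)
    print("unpatched      :", login_redirect(app, "1.2.3.4", "https"))
    print("trusted proxy  :", login_redirect(fixed, "1.2.3.4", "https"))
    print("untrusted peer :", login_redirect(fixed, "203.0.113.9", "https"))
```

The unpatched handler reproduces the `http://` hop that triggers the browser warning; the third call shows why the header must be tied to the proxy's address rather than accepted from any client.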

```haproxy
# HAProxy: rewrite http:// redirect targets to https:// (two alternative forms)
http-response replace-value Location ^http://(.*)$ https://\1
http-response set-header location %[res.hdr(location),regsub(http://,https://)] if { status 301 302 }
```
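
```nginx
# Nginx as reverse proxy: tell the backend the original request used HTTPS
proxy_set_header X-Forwarded-Proto "https";
proxy_set_header X-Forwarded-Port "443";
# Nginx with FastCGI (e.g. PHP-FPM): same information as CGI variables
fastcgi_param HTTP_X_FORWARDED_PROTO "https";
fastcgi_param HTTP_X_FORWARDED_PORT "443";
```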

```apache
# Apache (mod_headers): rewrite http:// redirect targets to https://
Header edit Location ^http://(.*)$ https://$1
```

```xml
<!-- IIS URL Rewrite rule: redirects non-www hosts to http://www.<host>, a plain-HTTP redirect target -->
<rule name="Add WWW" stopProcessing="true">
  <match url="^(.*)$"/>
  <conditions>
    <add input="{HTTP_HOST}" pattern="^(?!www\.)(.*)$"/>
  </conditions>
  <action type="Redirect" url="http://www.{C:0}{PATH_INFO}" redirectType="Permanent"/>
</rule>
```

```javascript
// Worker script: rewrite http: to https: in the Location header of origin responses
addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request))
})

async function handleRequest(request) {
  let response = await fetch(request)
  // Copy the headers so they can be modified
  let newHeaders = new Headers(response.headers)
  if (newHeaders.has("Location")) {
    let new_loc = newHeaders.get("Location").replace("http:", "https:")
    newHeaders.set("Location", new_loc)
  }
  return new Response(response.body, {
    status: response.status,
    statusText: response.statusText,
    headers: newHeaders
  })
}
```

https://gomes.sh/

Pedro Gomes
