The information you’re about to submit is not secure

The information you’re about to submit is not secureBecause the site is using a connection that’s not completely secure, your information will be visible to others.
  • Ensure all forms submit to a secure HTTPs endpoint
  • Ensure there’s no follow up redirects going through HTTP.
  • 200 POST /login (HTTPs) -> redirect to /home
  • 302 GET /home (HTTP)
  • Error: `The information you’re about to submit is not secure`
$settings['reverse_proxy'] = TRUE;
$settings['reverse_proxy_addresses'] = ['']; //TO REPLACE
$settings['reverse_proxy_trusted_headers'] = \Symfony\Component\HttpFoundation\Request::HEADER_X_FORWARDED_ALL;
http-response replace-value Location ^http://(.*)$ https://\1
http-response set-header location %[res.hdr(location),regsub(http://,https://)] if { status 301 302 }
proxy_set_header HTTP_X-Forwarded-Proto "https";
proxy_set_header HTTP_X-Forwarded-Port "443
fastcgi_param HTTP_X-Forwarded-Proto "https";
fastcgi_param HTTP_X-Forwarded-Port "443";
Header edit Location ^http://(.*)$ https://$1
<rule name="Add WWW" stopProcessing="true">
<match url="^(.*)$"/>
<add input="{HTTP_HOST}" pattern="^(?!www\.)(.*)$"/>
<action type="Redirect" url="http://www.{C:0}{PATH_INFO}" redirectType="Permanent"/>
addEventListener('fetch', event => {
async function handleRequest(request) {
let response = await fetch(request)
let newHeaders = new Headers(response.headers)
if (newHeaders.has("Location")) {
let new_loc = newHeaders.get("Location").replace("http:", "https:")
newHeaders.set("Location", new_loc)
return new Response(response.body, {
status: response.status,
statusText: response.statusText,
headers: newHeaders




Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Prolog clp(fd) solve killer sudoku and greater killer sudoku

Stay-at-home mom finds new career as Jr. Developer

How to Host Unity Games on the Web

Multi-language sikobaPay

How to use Statistics IO to Improve Your Query Performance

GitHub Actions-Custom Actions Image from Private Registry

How Dedicated Hosting Differs from Dedicated Servers?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Pedro Gomes

Pedro Gomes

More from Medium

How digitalisation and automation is changing the property industry post COVID-19

How to Have a Good Relationship with IT

Creative Computing / Meshes

Equity, diversity and inclusion — the trouble with circular logic.