0

Using jQuery, I try to redirect to https like the following

webroot  = webroot.replace("http","https");
window.location.href = webroot+"/processpayment";

This is not working in Live but works well in Dev environment.

The other Option I tried is redirecting in the back end code (PHP). There on load of the page (processpayment/index.php) , I called the function

http_redirect_https();

The function does the following

function http_redirect_https(){
if ($_SERVER["HTTPS"] != "on")
{
    header("HTTP/1.1 301 Moved Permanently");    // Optional.
    header("Location: https://{$_SERVER["SERVER_NAME"]}{$_SERVER["REQUEST_URI"]}");

    exit(0); // Ensure that no other code is parsed.
}
}

But this threw an error - Too many redirects trying to open the page.

I am stuck. can you please help?

user4826347
  • 783
  • 2
  • 11
  • 29

4 Answers4

0

you can use htaccess or vhost for the same try the following: 

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]

Hope this helps

Kumar Saurabh Sinha
  • 880
  • 8
  • 23
0

I use something similar to what you have and it works perfectly fine. 

if($_SERVER["HTTPS"] != "on"){
        header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
        exit();
}else{
        header('Strict-Transport-Security: max-age=31536000');
}
AersolKing
  • 71
  • 5
0

WARNING : It the page sending the visitor to the (secure) payment page is using http (instead of https) then your website is vulnerable to sslstrip

If you manipulate payment informations then you really should consider using https everywhere and activate HSTS, otherwise your visitors are unsafe.

Tom
  • 4,666
  • 2
  • 29
  • 48
0

The only way I could get this working is by redirecting to an intermediate PHP page and then using

header("Location: "."https://".$appurl);

user4826347
  • 783
  • 2
  • 11
  • 29