HTTPS Prerequiste for Button Click

StackOverflow https://stackoverflow.com/questions/23664775

Domanda

I am using angular to make a user profile page that I only want to be accessible if connected using HTTPS. 

<div>
        <p>Please access this page through SSL (https) to change your password.</p>
        <button type="button" class="btn btn-lg btn-danger" ng-click="openPasswordModal()">Change Password</button>
</div>

What can I do to enforce that the button cannot be accessed except when the page is loaded in HTTPS?

Thanks.

È stato utile?

Soluzione

From my understanding, that's not how https works.. Pretty sure your web server needs to be configured to use SSL, it's not something the user has control over when visiting your site. If you're using IIS, see: http://support.microsoft.com/kb/324069. Otherwise try searching for "configuring https" for whatever web server you're using (IIS, Apache, etc.)

To answer your question about how to disable a button, you can use the ng-disabled directive. See https://docs.angularjs.org/api/ng/directive/ngDisabled for more info.

Altri suggerimenti

You can enforce this in the client looking for https:// in the url field and redirect the user if he/she is using http://.

However the above is not recommended. You can always tamper with client-side scripts and disable such features.

Enforce this using apache/nginx or whatever webserver that you use.

Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top