W3C home > Mailing lists > Public > www-html@w3.org > June 2000

https:/ and http:/ using relative URLs to switch between secure and non-secure

From: EF <energyflow@energyflow.com>
Date: Mon, 19 Jun 2000 13:27:13 -0400 (EDT)
Message-ID: <003c01bfda14$389e9020$d301a8c0@bigdaddy>
To: <www-html@w3.org>
My www server supports secure sockets layer (https) and normal (non-secure)
http

It would be SO VERY HELPFUL to be able to relatively link from one page to
another, turning on or off secure sockets.

I propose that http: and https: need not be followed immediately by the
double slash // which indicates the name of a server follows.

Instead, let us allow a single slash to follow the colon, to indicate a
relative linking on the same server as the anchor.

If I am on a non-secure page, to link to a secure page, I could use:

<A HREF="https:/members/login.htm">

This would keep me on my same webserver, but switch the transfer protocol to
secure mode.

Likewise, if I am on a secure page and I wish to switch to non-secure mode,
I could use:

<A HREF="http:/info/contact.htm">

This would keep me on my same webserver but switch the transfer protocol to
non-secure mode.

Since I am remaining on the same server, no // should be necessary.  Only a
single slash would be necessary to indicate the root.

Conceivably, relative URLs could also be used with this technique, a la:

<A HREF="http:../info/howto.htm">

OR

<A HREF="https:../secure/payment.htm">

I find that, in general, using SSL is not easy because you have to spell out
the entire domain name, and could be made much easier with a simple tweak to
the allowed syntax of URLs.

Insisting that https be followed at all times by :// is too strict and is
causing me development headaches.  My site has many pages which need to be
https secured, and many which do not.  It is a waste of server resources to
display a page that does not contain secure data using https.

Please rally behind me on this issue if you feel strongly about it.
Received on Tuesday, 20 June 2000 13:30:47 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 March 2012 18:15:43 GMT