Forum Discussion
hooleylist
Sep 20, 2010Cirrostratus
I think SSL::mode still exists but the validation around it has been tightened:
when HTTP_REQUEST {
set ssl_mode_cmd "SSL::mode"
if { [eval $ssl_mode_cmd] == 1 } {
HTTP::header replace SSLMode "True"
} else {
HTTP::header remove SSLMode
}
}
Setting isSSL to 0 or 1 won't actually modify the request in any way. And checking the port won't stop someone from sending HTTP on port 443.
Aaron