search

ytrstu / vosao

Automatically exported from code.google.com/p/vosao
GNU Lesser General Public License v2.1
0 stars 0 forks source link

Ability to force SSL on certain pages #293

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
There needs to be the ability to force certain pages to use SSL, and other's to 
be forced to use standard http. The scenario comes around when:

1. You have a site like http://www.mysite.com
2. Some of those pages require SSL (for passwords or something, whatever). 
Force SSL (that means force certain pages to go to https://appid.appspot.com/). 
This can currently done by modifying web.xml but is a clunky way of doing 
things.
3. You don't want Googlebot to crawl both your http://www.mysite.com and your 
http://appid.appspot.com thinking they are different sites. So force standard 
http on non-ssl pages.

Basically, the only reason I (and I guess others) is so Googlebot doesn't crawl 
and index the same site twice.

Original issue reported on code.google.com by roland.q...@gmail.com on 31 Jul 2010 at 6:05

GoogleCodeExporter commented 8 years ago 
Another (quick) option could be to have an optional ROBOTS.TXT file for the 
appspot domain that has a complete nofollow rule.

Original comment by roland.q...@gmail.com on 31 Jul 2010 at 6:11

GoogleCodeExporter commented 8 years ago 
sorry, I mean no index no follow on the appspot.. could also be put in the 
metadata of a template too.

Original comment by roland.q...@gmail.com on 31 Jul 2010 at 6:12

GoogleCodeExporter commented 8 years ago 
In the GAE roadmap http://code.google.com/appengine/docs/roadmap.html
there is task:
- SSL for third-party domains

Original comment by kinyelo@gmail.com on 31 Jul 2010 at 6:28

GoogleCodeExporter commented 8 years ago 
Actually we can use web service sending passwords and for service endpoint use 
SSL https://appname.appost.com address. This call can be done from unsecure 
page.

Original comment by kinyelo@gmail.com on 31 Jul 2010 at 6:32

GoogleCodeExporter commented 8 years ago 
[deleted comment]
GoogleCodeExporter commented 8 years ago 
[deleted comment]
GoogleCodeExporter commented 8 years ago 
[deleted comment]
GoogleCodeExporter commented 8 years ago 
Actually... there is a solution. Google made a change last year for this (just 
found out)... if you specify the canonical name in your meta data, it won't 
penalise you:

http://googlewebmastercentral.blogspot.com/2009/02/specify-your-canonical.html

You can close the issue now. That was all I was really concerned about (sorry).

Original comment by roland.q...@gmail.com on 31 Jul 2010 at 6:51

GoogleCodeExporter commented 8 years ago

Original comment by kinyelo@gmail.com on 31 Jul 2010 at 7:24