Allow both http and https for a given domain?

It's a feature request. You may have to handle this yourself for now in a hook_form_alter().

Don't alter my function. Write your own module, something like domain_ssl. And use domain_ssl_form_alter() to change the $form['#action'].

Subscribe. Will look into it soon, as I need it also.

Would this be a separate (sub)module?

If so, could make a d.o project so those interested could test it and file patches, etc.

Subscribing.

For D7, I have the following module already on my plate, but nothing for D6. Decide based on that.

DOMAIN PATH

-- Allows the registration of arbitrary Drupal paths (either aliases or canonical paths) with a given Domain.
-- Will allow rewrites of links to that path to follow the domain rewrite rules currently used by nodes.

It would be pretty easy, I think, to add an HTTP / HTTPS toggle to these settings.

I just looked through the D6 code to confirm, using either hook_domain_source_alter() or hook_domain_source_path_alter(), you can toggle the HTTP / HTTPS element of a node or Drupal path without any changes to the core module. You just have to alter the 'path' element of the $domain array by reference.

So, something like:

function mymodule_domain_source_path_alter(&$source, $path) {
  Always write admin paths to HTTPS.
  if ($path != 'admin') {
    return;
  }
  $source['path'] = str_replace('http://', 'https://', $source['path']);
}

This part is dead simple; the harder part is a UI to control these settings. A separate module is the only option for D6.

There will, of course, be a performance hit here, especially if you have to do a database lookup inside this function. Might be best to cache all the rewrite rules from a single query.

+1

I installed the SSL module per #5. It works but with a hitch. I'm now getting the mixed content warning in IE and FF.

Subscribing - would be great to have, and I'm willing to test

How does a shopping cart (e.g., Ubercart) handle something like this? Normally you would want the catalog (public material) to be http, but admin and sensitive customer information (name, address, phone, payment details, etc.) to be https. Does Drupal really require the whole site to be one or the other, but not a mixture of http and https? That would be horrible! Anyway, if Ubercart permits a mix, perhaps you could get some ideas poking around in its code?

Nice, but looking at the code, I wonder if we should just patch the main module. This is the part that interests me:

    // Protocol of current request.
    $req = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')
      ? 'https' : 'http';

    // If the protocol doesn't match the current page's protocol, fix it.
    if (($action['scheme'] != $req) && ($action['host'] == $domain['subdomain'])) {
      $form['#action'] =  $req .'://'. $action['host'] . $action['path'] . $action['query'];
    }

We may want to put that into hook_domainload(), in fact, to dynamically force HTTPS in cases where other modules use the protocol.

On some servers, $_SERVER['HTTPS'] may have a value of '1' instead of 'on'. You may want to check for that.

Yes, I second that, I'm used to a TRUE/FALSE response. There are actually places in the code where I do this:

  if (!empty($_SERVER['HTTPS'])) {
    $scheme = 'https';
  }

See domain_set_primary_domain().

This is the proper check, see http://php.net/manual/en/reserved.variables.server.php

 'HTTPS'
    Set to a non-empty value if the script was queried through the HTTPS protocol.

        Note: Note that when using ISAPI with IIS, the value will be off if the request was not made through the HTTPS protocol. 

If the value is ever set to the string 'off', this is a server-level implementation error.

The old code sample is, well, old (from 2008). And replaced by better understanding of the PHP docs.

I would patch this directly in 7.x and then backport immediately, yes.

@agentrickard Has the code from the D6 Domain SSL module (to allow both http and https on a given domain) been patched into D7 Domain Access core or contrib module? Or is there still a need to implement this functionality in a custom D7 module?

Thanks

Still needs work (either a patch or a module) for D7.

Where in the module would we need to look to patch this for D7? Or what needs to be updated in the Domain SSL module?

Oh it appears the D6 version of the Domain SSL module can be updated just by changing the version numbers in the info file, and it appears to work as expected so far... Are there any problems that I might not foresee by doing this?

I need this on a D7 site, but I don't quite understand the above well enough to implement it. Can someone summarize instructions on how to get this working?

+1

This might be a little late to be useful to anyone, but here's a hack that bypasses Domain module from trying to enforce a scheme.