2

I have a custom module with frontend actions that I want to be secure. So in my module's config.xml file I put this:

<secure_url> <mymodule_controller>/mymodule/controller</mymodule_controller> </secure_url>

On it's own, this works great.

Secondly, in my controller's Index action I have this:

if (!Mage::getSingleton('customer/session')->isLoggedIn()) { $this->norouteAction(); return; }

If I browse to example.com/mymodule/controller (or example.com/mymodule/controller/index) over HTTP, Magento redirects me to HTTPS, then sees that I'm not logged in and tries going to the norouteAction which is on HTTP, so Magento forces HTTP, and then it loops.

I get an infinite redirect loop.

Is there a way to use the noroute from an secure controller action without causing redirect loops?

Improve this question

2 Answers 2

Reset to default
1

There are following possible way to do it:

  1. You can override the norouteAction function and in you custom extension set header with https instead of http.

  2. After checking that if user is not logged in redirect on other url instead of same url, like:- example.com/mymodule/controller/404

Improve this answer
1

I ultimately chose to redirect to the login page, instead of mucking with the norouteAction or having a dedicated 404 action in my controller. It's not strictly the same thing as using the 404 page over HTTPS, but it works for me.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.