Section
6.3.2
Top Level
Sub Level
General
Check in the application that sensitive pages are being accessed over an SSL connection. This double-checks that the server configuration is correct.
ColdFusion
This can be enforced on the server side with IIS. The URL can also be rewritten in the application to use SSL by utilizing the HTTPS, SERVER_NAME, SCRIPT_NAME, and QUERY_STRING CGI variables with the cflocation tag. (Tip: do this in an Application.cfm file)
Django
See 1.1.1.
Java
In J2EE, use ServletRequest.isSecure().
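One way to apply the isSecure() check to every sensitive page is a servlet filter; this is an added example, not code from the guideline. The class name RequireHttpsFilter and the canonicalHost init-param are assumptions made for illustration.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical filter: map it in web.xml to the URL patterns of the sensitive pages.
public class RequireHttpsFilter implements Filter {
    private String canonicalHost; // assumed init-param, e.g. "www.example.com"

    @Override
    public void init(FilterConfig config) throws ServletException {
        canonicalHost = config.getInitParameter("canonicalHost");
        if (canonicalHost == null || canonicalHost.isEmpty()) {
            throw new ServletException("canonicalHost init-param is required");
        }
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        if (req.isSecure()) {            // request arrived over SSL: let it through
            chain.doFilter(req, res);
            return;
        }
        HttpServletRequest httpReq = (HttpServletRequest) req;
        HttpServletResponse httpRes = (HttpServletResponse) res;
        String method = httpReq.getMethod();
        if (!"GET".equals(method) && !"HEAD".equals(method)) {
            // The body already crossed the wire in cleartext; refuse rather than replay it.
            httpRes.sendError(HttpServletResponse.SC_FORBIDDEN, "HTTPS required");
            return;
        }
        // Build the target from the configured host, not the client-supplied Host header.
        StringBuilder target = new StringBuilder("https://").append(canonicalHost)
                .append(httpReq.getRequestURI());
        if (httpReq.getQueryString() != null) {
            target.append('?').append(httpReq.getQueryString());
        }
        httpRes.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY);
        httpRes.setHeader("Location", target.toString());
    }

    @Override
    public void destroy() { }
}
```

When SSL is terminated at a proxy or load balancer in front of the container, isSecure() reflects the proxy-to-container connection, so the container must be configured to report the original scheme before this check is meaningful.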