Re: using SSL — HTML — IT news, forums, messages

You are here: Re: using SSL « HTML « IT news, forums, messages

Posted by David Dorward on 11/17/09 11:28

Toby Inkster wrote:

> Wherever I redirect my script to is free to be on regular HTTP without
> compromising the login data, correct?

> Correct, *assuming* you *don't* do anything like:

<snip>

In other words - if the user needs to remain logged in, then whatever you
use the track them after leaving SSL is vulnerable to being sniffed and
copied.

So stay in HTTPS for the entire time the user is logged in if you want to
keep the user's credentials (and the data they send and recieve while
logged in) secure.

--
David Dorward <http://blog.dorward.me.uk/> <http://dorward.me.uk/>
Home is where the ~/.bashrc is

Navigation:

Next in forum: Re: WIDTH attribute for peformatted text
Prev in forum: Re: MORE VIRTUAL NOMINATIONS
Thread view: Re: using SSL

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация