Posted by Toby Inkster on 10/03/05 09:25
Marcus wrote:
> Thank you for the reply. So just to clarify, both the front end
> interface that accepts the form data and the backend processing page
> should be on the HTTPS server. From there, wherever I redirect my
> script to is free to be on regular HTTP without compromising the login
> data, correct?
Correct, *assuming* you *don't* do anything like:
- put the login data in a cookie
- pass it around in the query string
- pass it around in POST data
If you do that, then your login data can be sniffed.
--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
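
A check for the three leaks listed in the reply above, as an added example that is not part of the original post: it inspects the response a login handler sends after an HTTPS POST and reports credentials that would travel on to plain HTTP. The function names, host, paths and credentials are hypothetical, and the 307/308 case is included on the assumption that this is how POST data would follow the redirect.

```python
import base64
from urllib.parse import urlsplit, parse_qsl, quote

def _forms(secret):
    """Raw, percent-encoded and base64 forms a secret may take on the wire."""
    return {secret, quote(secret, safe=""), base64.b64encode(secret.encode()).decode()}

def audit_login_response(status, headers, secrets):
    """Findings for one response to a login POST that arrived over HTTPS.

    headers: list of (name, value) pairs; secrets: the submitted credential values.
    """
    needles = set().union(*(_forms(s) for s in secrets if s))
    findings = []
    for name, value in headers:
        if name.lower() == "location":
            url = urlsplit(value)
            if url.scheme != "http":
                continue  # relative or https target: stays encrypted
            leaked = [k for k, v in parse_qsl(url.query) if v in needles]
            if leaked:
                findings.append(f"query string: {leaked} sent to {url.netloc} over HTTP")
            if status in (307, 308):  # these codes keep the method and body
                findings.append("POST data: browser re-sends the login form over HTTP")
        elif name.lower() == "set-cookie":
            parts = [p.strip() for p in value.split(";")]
            cname, _, cval = parts[0].partition("=")
            attrs = {p.split("=")[0].lower() for p in parts[1:]}
            if "secure" not in attrs and any(n in cval for n in needles):
                findings.append(f"cookie: {cname} holds a credential and lacks Secure")
    return findings

# Constructed sample data (hypothetical host, paths and credentials).
SECRETS = ["marcus", "hunter2!"]
LEAKY = (302, [("Location", "http://www.example.com/home.php?user=marcus&pass=hunter2%21"),
               ("Set-Cookie", "auth=aHVudGVyMiE=; Path=/")])
REPLAY = (307, [("Location", "http://www.example.com/check.php")])
CLEAN = (303, [("Location", "http://www.example.com/home.php")])

if __name__ == "__main__":
    for label, (status, headers) in [("leaky", LEAKY), ("replay", REPLAY), ("clean", CLEAN)]:
        print(label, audit_login_response(status, headers, SECRETS))
```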