发表新帖
发表新帖

Is it secure to submit from a HTTP form to HTTPS?

后端 未结
关注
11 2101
悲哀的现实
悲哀的现实 2020-11-28 23:17

Is it acceptable to submit from an http form through https? It seems like it should be secure, but it allows for a man in the middle attack (here is a good discussion). Th

11条回答
  • 北荒
    北荒 (楼主)
    2020-11-28 23:53

    IE Blog explains: Critical Mistake #1: Non-HTTPS Login pages (even if submitting to a HTTPS page)

    • How does the user know that the form is being submitted via HTTPS? Most browsers have no such UI cue.
    • How could the user know that it was going to the right HTTPS page? If the login form was delivered via HTTP, there's no guarantee it hasn't been changed between the server and the client.

    0 讨论(0)
 看不清?
提交回复
热议问题