Re: alternative method

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The browser is not supposed to change that, unless you hard-link to
http:// somewhere in your application.

I don't guarantee no browser ever had a bug like that, but I never
heard of such a bug.

And there ain't no stopping a pesky user from taking the 's' out to
see what happens...  So you should be ready for that, and Do The Right
Thing, whatever that might be for your application.

On Sat, December 2, 2006 3:31 pm, Alain Roger wrote:
> Hi Richard,
>
> i already work on SSL also.
> basically, if $_SERVER['HTTPS'] is not setup to 'on', i redirect
> everything
> on the logon form window.
>
> I'm just scared about how SSL can be hold on between pages...
> for example :
>
> if on page index.php, SSL is activate.
> customer click on submit button and his redirected to main.php, i will
> redirect him with https:// in link, but does it keep SSL working ?
> will it not stop it for a while and restart it ?
>
> Alain
>
> On 12/2/06, Richard Lynch <ceo@xxxxxxxxx> wrote:
>>
>> On Sat, December 2, 2006 10:29 am, Alain Roger wrote:
>> > Based on phpsec.org documentation it is written ("between lines")
>> that
>> > GET
>> > and POST methods are still used but they are not the most secured
>> > (except if
>> > we take care for that).
>> > So, i would like to know which other methods are more secured that
>> > those 2.
>>
>> In addendum to Larry's post:
>>
>> You should also consider requiring SSL for any sensitive data, to
>> protect it in its travels from their computer to your server.
>>
>> SSL is kind of like an armored truck on the information
>> super-highway.
>> It doesn't stop bank robbers (server hacks) or muggers (viruses on
>> your users' computers), but the data is safe in transit between the
>> two.
>>
>> --
>> Some people have a "gift" link here.
>> Know what I want?
>> I want you to buy a CD from some starving artist.
>> http://cdbaby.com/browse/from/lynch
>> Yeah, I get a buck. So?
>>
>>
>
>
> --
> Alain
> ------------------------------------
> Windows XP SP2
> PostgreSQL 8.1.4
> Apache 2.0.58
> PHP 5
>


-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux