Are HTTP forms posted through HTTPS secure?
The thing your friend was trying to articulate is that if you deliver the FORM itself over plain HTTP, then it is not secure against MITM attacks, and so someone could conceivably intercept it and change the submit location of the FORM to be their own site, thus receiving every user’s login credentials (and then sending a fake error message or whatever), and you’d never know. By both delivering the FORM and receiving its POST over HTTPS, you mitigate this type of attack. So yes, technically the data submitted only happens on the POST, and so you can just use HTTPS for that, but this assumes that the evildoer has not altered the destination of that POST.
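A defender-side check for the condition described in the answer above, as an added example that is not part of the original answer: it parses a page, finds forms that contain a password field, and reports whether the form was delivered without TLS, posts without TLS, or posts to a different host. The names `audit_login_forms` and `_FormCollector` and the `example.com` sample page are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class _FormCollector(HTMLParser):
    """Collects each <form>'s action and whether it holds a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []        # one dict per <form> seen
        self._current = None   # the form we are currently inside, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = {"action": a.get("action") or "", "has_password": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (a.get("type") or "").lower() == "password":
                self._current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def audit_login_forms(page_url, html):
    """Return (resolved_action, [findings]) for every form with a password field."""
    collector = _FormCollector()
    collector.feed(html)
    page = urlsplit(page_url)
    results = []
    for form in collector.forms:
        if not form["has_password"]:
            continue
        target = urljoin(page_url, form["action"])  # empty action resolves to the page URL
        t = urlsplit(target)
        findings = []
        if page.scheme != "https":
            findings.append("form delivered over plain HTTP: action can be rewritten in transit")
        if t.scheme != "https":
            findings.append("credentials POSTed without TLS")
        if t.netloc.lower() != page.netloc.lower():
            findings.append("action points to a different host than the page")
        results.append((target, findings))
    return results

# Constructed sample: the case from the answer (HTTP page, HTTPS POST target).
SAMPLE = ('<form method="post" action="https://example.com/login">'
          '<input name="u"><input type="password" name="p"></form>')
if __name__ == "__main__":
    print(audit_login_forms("http://example.com/login.html", SAMPLE))
```

The sample is flagged even though its POST target is HTTPS, because the page carrying the form was not.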