Mixed mode HTTP / HTTPS


If you don’t have time to read troyhunt’s full article on “The beginners guide to breaking website security with nothing more than a Pineapple”, then at least try and read the conclusion sections, and follow the link to “why it’s not ok to load login forms over HTTP even if they post to HTTPS”.

Finally, have a read of “5 ways to implement HTTPS in an insufficient manner (and leak sensitive data)”

~ by mdavey on September 30, 2013.

Posted in Languages
Tags:

One Response to “Mixed mode HTTP / HTTPS”

  1. […] Mixed mode HTTP / HTTPS (Matt Davey) […]

    Dew Drop – September 30, 2013 (#1,634) | Morning Dew said this on September 30, 2013 at 2:41 pm | Reply

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.