在非安全页面中提交表单
我希望有人回答这个问题,如果可能的话,提供一些参考链接来支持它(如果可能的话)。需要向某人证明它不安全。
如果我在非安全页面上有一个带有 post 方法的表单,但操作属性指向安全 URL,那么提交的表单安全吗?
I would like someone to answer this and if possible provide some reference links to back it up (if possible). Need to prove to someone its not secure.
If I have a form with the post method on a non-secure page, but the action attribute is pointing to a secure URL, is the submitted form secure?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
是的。数据被提交到安全的 URI,因此是加密且安全的。
然而......用户在提交表单之前不会有任何迹象表明这种情况会发生,因此您也应该通过 SSL 提供表单。
Yes. The data is submitted to a secure URI, so is it is encrypted and secure.
However … the user will have no indication that this is going to happen before they submit the form so you should provide the form over SSL too.
简短的回答是:如果不实现 ssl(https),则不安全。请查看我的问题,以及此处
希望这会有所帮助。
Short answer is : no secure if ssl(https) is not implemented. Please have a look at my question, and the answers from security guys to that here
Hope this helps.