Ah... Thanks guys... My curiosity is cured. That was going to bug me the rest of the day... :)
-----Original Message----- From: Christopher Olive [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 30, 2002 10:27 AM To: CF-Talk Subject: RE: SSL on form submission that's not strictly correct. (before i begin, i always SSL the form itself, since it gives the users warm fuzzies). when a user calls up a form and enters data into it, the data is still on their local PC. it has not gone "over the wire" yet. if the form's action page is HTTPS, when the user submits the form, the request *and all its data* are encrypted. but, as i said, i prefer to encrypt the form so the user can see the little glowing lock (or whatnot) and feel good. chris -----Original Message----- From: Joel Firestone [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 30, 2002 11:17 AM To: CF-Talk Subject: Re: SSL on form submission Well, if I understand it correctly, the SSL secures the data being transferred. If you only use it on the action page, and not the submission itself, the data going from form.cfm to action.cfm would not be secure. But if form.cfm is in SSL, then it would be secure. HTH ----- Original Message ----- From: "Chad Gray" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Tuesday, July 30, 2002 11:05 AM Subject: RE: SSL on form submission > That is the safe way I would assume.. but is it necessary? > > > > -----Original Message----- > From: Joel Firestone [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 30, 2002 9:58 AM > To: CF-Talk > Subject: Re: SSL on form submission > > I always do it for the form. The submission would then be protected. > > HTH > > ----- Original Message ----- > From: "Chad Gray" <[EMAIL PROTECTED]> > To: "CF-Talk" <[EMAIL PROTECTED]> > Sent: Tuesday, July 30, 2002 10:55 AM > Subject: SSL on form submission > > > > Im wondering if when a form is submitted at what point do you request > > SSL? > > > > Do you want the form to be covered under SSL as the user is filling it > > out? https://www/form.cfm > > > > Or do you leave the form http://www/form.cfm and use > > <form action="https://www/action.cfm"; method="POST"> enough to encrypt > > the data being passed to the action page? > > > > Just curious.... > > > > > > > > > > > > ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
