Currently, it is all or nothing, the entire page is secure or none of it is. If you can send secure data via a non-secure channel (HTTP, not HTTPS) is it really secure, just because the server rejects the request?
On Thu, Apr 17, 2008 at 4:13 PM, Filip S. Adamsen <[EMAIL PROTECTED]> wrote: > Hi, > > I have a login form on most pages in my application. I would like this form > to be secure. As far as I can see, though, this isn't possible because form > actions will only be secure if the form is contained in a secure page. > > Would it be possible to add a secure parameter or some such to Form that > would take care of this? > > -Filip > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Howard M. Lewis Ship Creator Apache Tapestry and Apache HiveMind --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
