At 10/22/03 2:09 PM, Jacqui Cook wrote:

>Issue 1.  Are we using a secure server for the login to rrc.tucows.com
>The answer is yes - the actual url for the server is https://rrc.tucows.com/
>Therefore proper authentication and encryption is being observed.

Actually, it's not, because the top of the HTML code for the page has 
this line:

  <base href="http://rrc.tucows.com/" />

This forces the form submission line:

  <form name="register" action="home" method=POST ....

... to submit the form as:

  http://rrc.tucows.com/home

... instead of:

  https://rrc.tucows.com/home

-- 
Robert L Mathews, Tiger Technologies      http://www.tigertech.net/
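
Added example, not part of the original message: a Python check for the condition described above, where a page served over HTTPS carries a `<base href>` that makes a relative form action resolve to plain HTTP. The class and function names and the sample HTML are constructed for illustration; the sample mirrors the two lines quoted in the message.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


class FormTargetAudit(HTMLParser):
    """Collect the first <base href> and every <form action> on a page."""

    def __init__(self):
        super().__init__()
        self.base_href = None
        self.actions = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "base" and self.base_href is None and attrs.get("href"):
            # Only the first <base href> in a document takes effect.
            self.base_href = attrs["href"]
        elif tag == "form":
            self.actions.append(attrs.get("action") or "")


def insecure_form_targets(page_url, html):
    """Return resolved form targets that drop from https to http."""
    parser = FormTargetAudit()
    parser.feed(html)
    # A <base href> replaces the page URL as the base for relative URLs.
    base = urljoin(page_url, parser.base_href) if parser.base_href else page_url
    findings = []
    for action in parser.actions:
        # An empty action submits to the page's own URL, not the base URL.
        target = urljoin(base, action) if action else page_url
        if urlparse(page_url).scheme == "https" and urlparse(target).scheme == "http":
            findings.append(target)
    return findings


# Constructed sample reproducing the markup quoted in the message.
SAMPLE = """<html><head><base href="http://rrc.tucows.com/" /></head>
<body><form name="register" action="home" method="POST"></form></body></html>"""

if __name__ == "__main__":
    for url in insecure_form_targets("https://rrc.tucows.com/", SAMPLE):
        print("form on HTTPS page submits over HTTP:", url)
```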
