--- Jenda Krynicky <[EMAIL PROTECTED]> wrote:
> I think you misread the original post. Byron Wise
> says:
>
> > Recently my company decided to put their login on
> the main
> > page. This main
> > page isn't secure. However the action attribute
> of the form
> > tag does point
> > to a secure cgi script that handles the
> username/password.
> > What security
> > risks if any are there with having this form on a
> non secure page?
>
> So the username and password WILL BE USING a secure
> connection.
I agree with Mark (or I've misread the original post
as well). The login is on a non-secure page, so the
password gets sent in the clear to the cgi script on
the secure server.
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail - only $35
a year! http://personal.mail.yahoo.com/
_______________________________________________
Perl-Unix-Users mailing list. To unsubscribe go to
http://listserv.ActiveState.com/mailman/subscribe/perl-unix-users
