http://tools.ietf.org/html/rfc2818
On 10/17/06, Johannes Ernst <[EMAIL PROTECTED]> wrote:
> I thought that, too, but couldn't find a good reference. Do you have
> a reference handy that explains this?
>
> On Oct 16, 2006, at 10:35, Grant Monroe wrote:
>
> > On 10/14/06, Dick Hardt <[EMAIL PROTECTE
I thought that, too, but couldn't find a good reference. Do you have
a reference handy that explains this?
On Oct 16, 2006, at 10:35, Grant Monroe wrote:
On 10/14/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
Also note that URL parameters are not secured by TLS in HTTPS.
-- Dick
URL parameters
On 10/14/06, Dick Hardt <[EMAIL PROTECTED]> wrote:
> Also note that URL parameters are not secured by TLS in HTTPS.
>
> -- Dick
URL parameters are sent with the path in the GET line of the HTTP
request after the TLS handshake, so URL parameters ARE secured.
--
Grant Monroe
JanRain, Inc.
___
Also note that URL parameters are not secured by TLS in HTTPS.
-- Dick
On 13-Oct-06, at 3:57 AM, Chris Drake wrote:
> Hi All,
>
> Just so everyone remembers: "GET" encoded "http://"; URLs usually
> appear en-mass in public lists (from proxy cache logs). If you don't
> want to "POST" data anypl
Hi All,
Just so everyone remembers: "GET" encoded "http://"; URLs usually
appear en-mass in public lists (from proxy cache logs). If you don't
want to "POST" data anyplace, remember to expect "replay attacks"
often.
Kind Regards,
Chris Drake
Friday, October 13, 2006, 7:48:31 PM, you wrote: