On 10/14/06, Dick Hardt [EMAIL PROTECTED] wrote:
Also note that URL parameters are not secured by TLS in HTTPS.
-- Dick
URL parameters are sent with the path in the GET line of the HTTP
request after the TLS handshake, so URL parameters ARE secured.
--
Grant Monroe
JanRain, Inc.
Also note that URL parameters are not secured by TLS in HTTPS.
-- Dick
On 13-Oct-06, at 3:57 AM, Chris Drake wrote:
Hi All,
Just so everyone remembers: GET encoded http://; URLs usually
appear en-mass in public lists (from proxy cache logs). If you don't
want to POST data anyplace,
Hi All,
Just so everyone remembers: GET encoded http://; URLs usually
appear en-mass in public lists (from proxy cache logs). If you don't
want to POST data anyplace, remember to expect replay attacks
often.
Kind Regards,
Chris Drake
Friday, October 13, 2006, 7:48:31 PM, you wrote:
JH On