"Adam Hardy" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > > Hi All, > > I am trying to work out whether my form submission is sent encrypted in > SSL or not. > > If I code my form like this: > > <form method="POST" action="https://localhost:8443/sslform";> > > will it actually be encrypted? >
Yes. > When I click submit, the browser pops up a certificate dialog box (since > I'm not using verisign) and then the message that I'm visiting a secure > form. > > This makes me think that the request has been sent unencrypted first to > the server, which has responded in SSL with the certificate. > > Is that so? No. All of that traffic is the SSL-handshake between your browser and Tomcat. Your browser won't send the actual request to Tomcat until after all of the popups. > > Thanks > Adam > > PS is there a tool like wget or perhaps a way of using wget, where I can > specify form elements in a request and see the contents & config of the > server's response? > > -- > struts 1.1 + tomcat 5.0.12 + java 1.4.2 > Linux 2.4.20 RH9 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
