» Home » secure » Page 1
Find non-secure http request being sent on secure page triggering IE6 “non-secure items notice”
by keird in Development Tools & Services

I have a page that is under SSL.

However, in IE6, I get a notification:

"This page contains both secure and non-secure items" etc.

I've looked at all the HTTP requests for that page in both Firebug and Wireshark, and non of it seems to be sent over plain HTTP, all the resources are being fetched over SSL/TLS. However, IE6 still gives the non-sure items noti

Issuing non-secure cookie over a secure connection results in pseudo-secure cookie
by keird in Programming Languages

When Firefox receives a cookie via an HTTPS connection, it appears to treat it as a secure cookie, even though the server did not send it as a secure cookie.

When I inspect the cookie from within Firefox, it displays "Send For: Encrypted connections only". When Firefox sends the cookie to the server in subsequent secure requests, inspection of the cookie in Java (Cookie.getSecure()

How to get jetty to send jsessionid-cookies with the secure-flag when using a secure channel
by dreampunchboy in Development Tools & Services

I am using Tomcat in my production environment and jetty in my testing environment (via jetty-maven-plugin).

Tomcat sets the secure-flag on a jsessionid-cookie, when it is sendig it over a secure channel (https), which looks like a good idea to me, becaus it prevents the session from being exposed, when the user klicks on a http://-link. But Jetty does not so!

I would l

How to structure content of PHP includes for use in both non-secure (http://) and secure (https://) areas and across multiple directories?
by jaredsmiller in PHP

I have a footer file that includes links and images. This file is used on my main homepage, and in multiple directories. It is also used on the secure part of my website (https://) after a user signs in.

What is the best way to organize the links so that (1) they can be used in the non-secure (http://) and secure (https://) areas of my site, while (2) also being able to use the

Secure login with additional context information passed through (which also needs to be secure)
by Niels Kloster in Programming Languages

My web application will be launched through existing thick client applications. When launched, an HTTP POST request will be generated including information like the userID and additional context information (basically stuff like the target user's name, birthday, etc.).

My plan for authentication is for there to be a look-up table in the database. If the username is already there, au

Is it possible/valid to have a TCP connection with secure login only, but non-secure messages?
by Ir0nh1de in Programming Languages

Say I am writing a chat server and client that allows users to login with their user-name and password. Now I could just send and receive the information as plain-text but there is the risk that the information may be intercepted. So the socket should be secured to protect the user. I am not interested in certificates or verifying identity, I just want to make sure that the information supplied

HTTPS does not work - Secure and Non secure data on web page?
by FallenHero in Programming Languages

I have a browser compatibilty problem with https? I have SSL installed and is in usage. Until today morning, my https part is working well. From then, Https is shown as https(with slashed in red color) saying the page has some insecure content.
I have not changed any code and suddenly i see this problem in chrome. In IE 8, i see the same problem but on every page, it shows me a popup if i

How to Switch Linksys From a Non-secure to a Secure Network
by kakashi_ in Computers
Linksys wireless routers can be configured to provide an unsecured -- also known as "open" -- or secured wireless network. In the unsecured network, all communications are transmitted in the clear; anybody within radio range can inspect their contents. The secured network, protected by a passphrase known only to authorized users, does not suffer from that security vulnerability. If your Linksys ro

Secure messaging using Secure MIME is it reliable?
by wafe in Web Design

We have an automatic reporting and notification system written in .net that sends emails with plain text. We are having to encrypt the messages that we send our clients.

The possible implementation approaches we have:

Send messages as S/Mime email with attachments.
Plain text email with that just contains a link to a web site that will display the message over https.
Mixing secure and not secure content in mobile web app
by DeeJay1 in Development Tools & Services

I have a mobile site served with SSL.
We need to play some audio files which sadly do not play with ssl
If I serve them via http they play just fine
The thing is, if I go that way, am I crippling the security ssl provides?


Privacy Policy - Copyrights Notice - Feedback - Report Violation - RSS 2017 © bighow.org All Rights Reserved .