It's AJAX secure??????
-
It struck me last night. We are spending hundred's of hour's and money developing this new Financial Application to be serve under the model of ASP, and we being using AJAX for all the UI's everything works fine and after we deal with some nuances, and figure out was how to dominate the beast, now I have an idea that can stop everything and send all our work to the garbage. I don't know how to set the xmlHTTPrequest object to comunicate on the secure layer. I am afraid that my pages will be server via SSL (port 443), but all my data will be travelling in the Wild Wild Web using port 80. If that is the case. someone knows how to prevented if not, we are doomed. :((
-
It struck me last night. We are spending hundred's of hour's and money developing this new Financial Application to be serve under the model of ASP, and we being using AJAX for all the UI's everything works fine and after we deal with some nuances, and figure out was how to dominate the beast, now I have an idea that can stop everything and send all our work to the garbage. I don't know how to set the xmlHTTPrequest object to comunicate on the secure layer. I am afraid that my pages will be server via SSL (port 443), but all my data will be travelling in the Wild Wild Web using port 80. If that is the case. someone knows how to prevented if not, we are doomed. :((
Ummm. When your viewing an https page, doesn't all communication occur over SSL? I mean, that's sort of the point, isn't it? Marc
People are just notoriously impossible. --DavidCrow
There's NO excuse for not commenting your code. -- John Simmons / outlaw programmer
People who say that they will refactor their code later to make it "good" don't understand refactoring, nor the art and craft of programming. -- Josh Smith -
It struck me last night. We are spending hundred's of hour's and money developing this new Financial Application to be serve under the model of ASP, and we being using AJAX for all the UI's everything works fine and after we deal with some nuances, and figure out was how to dominate the beast, now I have an idea that can stop everything and send all our work to the garbage. I don't know how to set the xmlHTTPrequest object to comunicate on the secure layer. I am afraid that my pages will be server via SSL (port 443), but all my data will be travelling in the Wild Wild Web using port 80. If that is the case. someone knows how to prevented if not, we are doomed. :((
You should be able to set the URL for the load request to be HTTPS instead of HTTP and also include the port number https://myaddress:443/\*
-
Ummm. When your viewing an https page, doesn't all communication occur over SSL? I mean, that's sort of the point, isn't it? Marc
People are just notoriously impossible. --DavidCrow
There's NO excuse for not commenting your code. -- John Simmons / outlaw programmer
People who say that they will refactor their code later to make it "good" don't understand refactoring, nor the art and craft of programming. -- Josh SmithMarc Clifton wrote:
When your viewing an https page
For the original request for the page, yes. but the AJAX call is a seperate URL request you are making.
-
Marc Clifton wrote:
When your viewing an https page
For the original request for the page, yes. but the AJAX call is a seperate URL request you are making.
-
You should be able to set the URL for the load request to be HTTPS instead of HTTP and also include the port number https://myaddress:443/\*
-
It struck me last night. We are spending hundred's of hour's and money developing this new Financial Application to be serve under the model of ASP, and we being using AJAX for all the UI's everything works fine and after we deal with some nuances, and figure out was how to dominate the beast, now I have an idea that can stop everything and send all our work to the garbage. I don't know how to set the xmlHTTPrequest object to comunicate on the secure layer. I am afraid that my pages will be server via SSL (port 443), but all my data will be travelling in the Wild Wild Web using port 80. If that is the case. someone knows how to prevented if not, we are doomed. :((
-
I am not sure if I can do that. I think the browser's will not like that and give me some security error messages that in reality is a problem because no one will drop their's securitty because my App.
If the main page comes from "https://server/", why should the browser not allow the Javascript on that page to connect to the server?
-
It struck me last night. We are spending hundred's of hour's and money developing this new Financial Application to be serve under the model of ASP, and we being using AJAX for all the UI's everything works fine and after we deal with some nuances, and figure out was how to dominate the beast, now I have an idea that can stop everything and send all our work to the garbage. I don't know how to set the xmlHTTPrequest object to comunicate on the secure layer. I am afraid that my pages will be server via SSL (port 443), but all my data will be travelling in the Wild Wild Web using port 80. If that is the case. someone knows how to prevented if not, we are doomed. :((