If I screen scrape a form from a site secured with SSL, and put that form on my site (which is also secured by SSL), do I still get the benefits of SSL?
A:
Is the scrape process dynamic? Meaning, does it happen each time a user hits the wrapping page on your site, or are you doing it once and just using the result from that day forward?
In either case, there are two SSL sessions in play here. The first is between the computer performing the scrape - probably your web server - and the source server. The second, if applicable, will be between the browser and your server. You will be responsible for the SSL in this case.
Whether or not you "get the benefits of ssl" depends on which part of this process you're referring to.
David Lively
2009-11-11 17:10:36
The scrape process would be dynamic. I'm specifically referring to having the form submit from my site (which is secured with SSL).
blockhead
2009-11-11 17:58:04
There's a form? That's relevant. If you're submitting from your server to their server (ie, you modified the form action to post to your server instead of theirs), the ssl handshake takes place between the two webservers. You'll have to handle proxying form data, cookies, session stuff, etc between the client and the other server.
David Lively
2009-11-11 18:11:53
What if I haven't modified the action (it's still pointing to their server). The only difference is now the html for the form is on my site.
blockhead
2009-11-11 18:16:57