I have an ajax call that really needs to be https. However, the page that it is being called from is http. The browser complains about restricted URI denied, presumably due to the same origin policy. Are there any known workaround for this? ...
I have jsp/struts application need to upgrade. Currently we only have 1 websystem(branch) and now I need to upgrade and build another websystem that represent HQ. HQ and branches are different domain. HQ can see 4 branches in the HQ page. We need to login to access HQ and branches. If HQ want to see the details in branch A, we can click...
I have an application that uses HTTPS for some of its routes in conjunction with the ssl_requirement plugin. It's deployed and is working fine in production. The question is how best to handle this in development, because at the moment I'm simply hacking my routes.rb to remove the :requirements key and obviously that's not very convenie...
What do I need to do to get traffic to my ruby on rails app to use https? I have a certificate installed and if I manually type in "https://" in the address bar when accessing the site the little lock icon appears, but just manually going to www.example-app.com in my browser sends traffic through http://. Is there some one-line config...
I'm new to Ruby coming from Java. I'm trying to make a http get request and I'm getting an http response code of 400. The service I'm calling over http is very particular and I'm pretty sure that my request isn't exactly correct. It'd be helpful to "look inside" the req object after I do the head request (below) to double check that the ...
I intend to use SSL on the login form so that the username and password is encrypted during user login. But, after the user has been authenticated, if I return to HTTP, the Autentication Cookie will be passed from client to server on each request. How safe is this? Obviously i'll use SSL on pages where the user is entering sensitive in...
We would like to expose our WCF services over REST and also over TCP securing them both with SSL. We have a valid SSL uploaded to Azure and the proper mapping setup so that going to https://service.ourdomain.com works as it should. I have setup two endpoint bindings, webHttpBinding for the REST services and a customBinding of type NetH...
I would like to download a file using VB.NET (preferably) or C# via HTTPS. I have this code to download a file over plain HTTP: Dim client As WebClient = New WebClient() Dim wp As WebProxy = New WebProxy("[IP number of our proxy server]", [port number of our proxy server]) wp.Credentials = CredentialCache.DefaultCredentials client.Prox...
I have a strange situation with PHP working differently from HTML. I'm not a web programmer, just messing around. In HTML my images appear fine, in PHP the images are broken. And only public images from my Dropbox https server are broken, ones from a http server work. As an example, here are two files on my localhost, abc.html and def.p...
Is it "application/x-www-form-urlencoded", "multipart/form-data", "application/xml", "text/xml" or something else? And more importantly, how do I know when to use which? This is a very old article which says to use "multipart/form-data" and that "application/x-www-form-urlencoded" is bad. Is that still valid advice? http://skew.org/xml/...
Hello, I am trying to verify the that target exposes a https web service. I have code to connect via HTTP but I am not sure how to connect via HTTPS. I have read you use SSL but I have also read that it did not support certificate errors. The code I have got is from the python docs: import httplib conn = httplib.HTTPConnection("www.pyt...
Say I was trying to access https://www.secretplace.com/really/really/secret.php, what's actually sent in plain text before the SSL session is established? Does the browser intervene, see that I want https, initiate a SSL session with secretplace.com (i.e. without passing the path in plain text) and only after the SSL session is set up ...
I have a domain, mattpotts.com and have set up a sub-domain dev.mattpotts.com for me to develop on and will then copy the files to the normal domain when they're ready to go. My directory structure is as follows and dev.mattpotts.com points to dev/ +-public_html/ +-project1/ +-project2/ +-project3/ +-dev/ +-project1 +-p...
How would you go about downloading a webpage file behind an HTTPS login via a language such as python? More specifically I am talking about the page behind the login from http://www.cnbtn.com. ...
Hello, I am trying to log onto a website using Python. I have written the code to connect to the target but I need to login and select a button on the website and wait for a response. I have looked at the HTTP Protocol in Python and was thinking of using 'HTTPConnection.putrequest'. I am not sure how to do this, I have the code I have s...
Hello, I am using the Zope testbrowser which has been recommended in my last question. The problem that I am facing is that I can use the getControl function to control different objects like: password, username etc. I am trying to submit the page to get to the next page but the submit button has no 'name' variable, just an 'id' variab...
Title says it all: Can cookies set using HTTP be read using HTTPS? ...
For a client, I developed a web-application and took responsibility for the hosting of the site. They squeezed the price really low (fixed-price contract), but I wanted the project so took it anyway. The system just records sales details and generates reports off this data. The information is sensitive to some extent, but not mission cr...
I've seen many threads on SO and they suggest that password can't be securely transferred without SSL. So suppose I've https login page but Should I switch back to http after user has been authenticated over https (assuming no sensitive information is sent over after login)? Because it might load page a bit faster? Would it create ext...
We are in the process of moving our web architecture to a new environment. Included are dozens of different sites ranging from almost completely static to dynamic sites requiring authentication and containing sensitive content. Our web server admins have (without any input from the development team) decided to make it a standard in the n...