All, I am using Zend_HTTP_Client to send HTTP requests to a server and get response back. The server which I am sending the requests to is an HTTPS web server. Currently, one round trip request takes around 10-12 seconds. I understand the overhead might be because of the slow processing of the web server to which the requests go. Is i...
I have situation where in c# code I am adding an onclick client event handler. It should do: Button1.Attributes.Add("onclick", "javascript:window.open('https://"+Request.ServerVariables["HTTP_POST"]+"/reports/?type=1&id=2"); in the end the URL looks like: https://servername/reports/?type=1&id=2 in the reports folder of my...
I have an ASP.NET application which stores a "Remember Me" token as a cookie; it worked fine until I implemented SSL. Using FireCookies, I never see my cookie (named "_rmtoken") though ".ASPXAUTH", "ASP.NET_SessionId" and other cookies do show up. Here is the code I use to set the cookie: public static void SetRememberMeCookie(Htt...
I realize that HTTPS is supposed to be more secure because it encrypts communication between you and the server so that your passwords and credit card numbers don't get sent in plain-text. However, when using LiveHTTPHeaders, I can still see my password in plain-text in the POST even when using an https connection. Why is this the case...
I have a secure page. In Chrome when I pop-up pages from that secure page, it displays an exclamation mark in both the parent and child address bars. When viewed on it's own the child page shows as secure (no exclamation mark) according to Chrome. How can I have popups from my secure page, and not induce these exclamation mark warni...
I noticed that most sites send the passwords as plain text over HTTPS to the server. Is there any advantage if instead of that I sent the hash of the password to the server? Would it be more secure? ...
If there is a HTTP request coming to a web server from many clients the requests will be handled in the order. For all the http request i want to use a token bucket system. So when there is a first Request i write a number to a file and increment the number for the next request and so on.. I dont want to do it in DB since the DB size i...
If your page gets called using https protocol, any relative path to an external css will be called using https protocol as well. Are you really need to encrypt/decrypt css contents? :D However, if you use absolute path referring to an external css, you can specify the protocol to use, generally http rather than https. Maybe I am wrong...
For some reasons Google custom search result shows https:// for some of my page links. The only solution for now would be to redirect the https:// links to http:// with htaccess for now until i figure out why search results are showing https:// I want the redirect to bypass the SSL cretificate or "Add Exception" page and redirect to htt...
I have a script that handles several different redirects on a server with a snippet that looks like follows: if($url == "http://www.url.com") {header("Location: https://www.url.com/index.html");} The script works exactly as intended with one issue - all of the https redirects end up redirecting to http (versus the https as defined...
I am opening a popup which is under https from a web page which is under http. When I try to use the command window.opener.location.(href/str/port/domain.. etc) from the pop-up to get the url of the opener page, I get a 'Permission Denied'. Ive also been using Firebug on Firefox to test this out. Is there any way I can by pass this by us...
I am trying to fetch a page using HttpWebRequest, but I am getting this exception: Could not establish trust relationship for the SSL/TLS secure channel. Is it possible to specify a custom RemoteCertificateValidationCallback for a particular instance of HttpWebRequest? (I cannot use ServicePointManager.ServerCertificateValidationCall...
Hi, I'm trying to access/login to facebook with a program(OverbyteIcsHttpTst.exe) compiled with delphi using component ThttpCli ( ICS-SSL which is the latest version that support https). www.overbyte.be/eng/products/ics.html The idea is, i wanna to access to facebook just like ordinary browser did. for example, i trying to login by "p...
I am using KSOAP2 to manage SOAP in Android but it use https for the SOAP url and I am getting this error: javax.net.ssl.SSLException: Not trusted server certificate A normal error because the certificate is untrusted, but anyone knows how to workaround with this error? I can not manage the certificate because is from a other company and...
I have a page that is accessed via HTTP. This page links to another page on the same server using HTTPS. What is the most elegant way, using HTML and/or Javascript, to force a transition to HTTPS while using a relative URL? Basically, I want the opposite of a protocol-relative URL. I want to explicitly specify HTTPS WITHOUT hardcoding ...
What is the proper deployment configuration for a Django application that needs some pages served with HTTPS and others with HTTP? I want to use HTTPS for the pages that involve registration and inputting passwords. I want to use HTTP for all other pages. ...
Refer to previous: http://stackoverflow.com/questions/2365994/display-a-warning-when-leaving-the-site-not-just-the-page/3442524#3442524 I'm needing something very similar, however, instead of relying on any rel, id, or onClick designations in the html's anchor tag, I need a way for the javascript to popup a warning if it's determined th...
I am trying to create a secure login for my site, who's form logs in with AJAX. Unfortunately, as it currently stands, I am sending the username and password using http completely unencrypted. After looking through basic encryption methods in Javascript that I can port to Codeigniter to decrypt, I've read that the best thing to do is j...
For some reason my site is not sharing the session between http and https. My setup, Drupal 6 with securepages module installed. You cannsee the example of this here, http://matthewwoodard.com/prducts, if you add to cart you will see the cart empties when it switches to https...any suggestions? ...
I'm writing a PyQt (Python bindings for the all-powerful Qt library) application and a small part of my application needs a web browser (hint, OAuth). So I started using QtWebkit, which is fantastic by the way. The only hitch is I would like to allow users behind a proxy to use my application. I have read about the QNetworkProxy class i...