security - Should a web page with a login form be secured? -

-

There is a question in the title, but I will expand.

Say I have a non-secure page, but I do not want the data that the user is posting on my web server so that it can block anyone. Do I need a secure URL for the form Service or simply Post form?

By serving the unprotected form, you post your form to a man-in-the-middle Allow change of destination, giving attacker crop login information. But the attacks of MITM are not common, so you are probably serving an unsafe farm.


Comments

Post a Comment

Popular posts from this blog

paypal - How to know the URL referrer in PHP? -

-
I'm new to integrating PayPal with sites, so easily from the service I can use Can the available method be? What am I trying to do, when the user clicks on "Return to my website", I want my return URL to know that the referrer is PayPal so I can send it automatically to the homepage . how to do this? I tried $ _ SERVER ['HTTP_REFERER'] but it does not seem like anything. During the IPN conversation I set the cookie and session (though I am not sure whether I am correcting it or doing this right), but on returning to my website, it does not seem to recognize any session . If I use it by using $ _ SERVER ['HTTP_REFERER'] , then I'm afraid it's a security risk, is not it? If so, is there any other way I remember? help please. Should you really know the referrer? Set the PayPal Return URL to a "secret" URL which is always redirected to the homepage. If someone reaches there and gets redirected without coming from PayPal, then ...
Read more

oauth - Facebook OAuth2 Logout does not remove fb_ cookie -

-
This is used to work so I'm not sure what's wrong the user just logs in to Facebook properly Is capable of Logging problem. I log out the user logout by redirecting them to the php script. $ facebook-> GetLogoutUrl (); When users click on that link, they are logged out from the Facebook page. However, when they return to my site, I find that the FB_ cookie is still there. PHP SDK still gives user FB session details. The strange thing is that www.facebook.com shows that I am already logged out of Facebook. What can be wrong here? Thanks, I've been stumped: (. OK, finally, what did I do? > GetLogoutUrl () with a next = address url on my logout script which will remove the Facebook cookie by setSession (null) .
Read more

wpf - Line breaks and indenting for the XAML of a saved FlowDocument? -

-
Is there a way to format XAM generated when a flow document is saved? Currently, all of this is run simultaneously in one line, and I want to break it into my elements, with line break and indenting it makes it a little easier to read. Here is the code I'm using to save a FlowDocument in a WPF RichTextBox as a XAML file: // entire document around TextRange textRange Create a TextRange side = new TextRange (myRichTextBox.Document.ContentStart, myRichTextBox.Document .contentEnd); // save the file using the file (file stream fs = file. Create (filename)) {textRange.Save (fs, DataFormats.Xaml); } Savings work fine, but as I mentioned, JPAM has been generated, all this goes together, no indentation or line breaks for its various elements Is: & lt; Section xmlns = "http://schemas.microsoft.com/winfx/2006/xaml/presentation" xml: space = "preserve" Tekstelinement = "left" Lainhait = "auto" Hashipineshn = enabled = "false...
Read more