Couple of techno questions
This WebDNA talk-list message is from 1999
It keeps the original formatting.
numero = 23930
interpreted = N
texte = Hello all, I've got two questions that have come up recently that I would like thelist's help with. First, I'm having a debate with a client that the pagethat a cc number is entered (invoice.tpl) doesn't necessarily need to beserved via ssl, so long as the page it submits to is served via ssl. Mycontention is that since http is 'sessionless' in the sense that once you'vedownloaded the page you are no longer connected to the server, then typingyour cc number into a page that is not encrypted poses no security risk.It's the request for the next page (thankyou.tpl) that is the issue. Onceyou hit the submit button, the client attempts to connect to the httpsserver. The data is then sent to the https server through an encryptedconnection. Therefore, it is not essential that invoice.tpl is encrypted,as long as thankyou.tpl is. Am I correct or am I misunderstanding how httpsessions operate? Second, I'm having trouble with a client who's entire LAN is using NATto connect to the internet through one IP address. They are seeing eachother's orders from different machines Is there an easy way to fix this?With the SOHO and NAT becoming more prevalent these days, do we need tostart depending on cookies to track users?Thanks,Mike Davis
Associated Messages, from the most recent to the oldest:
Hello all, I've got two questions that have come up recently that I would like thelist's help with. First, I'm having a debate with a client that the pagethat a cc number is entered (invoice.tpl) doesn't necessarily need to beserved via ssl, so long as the page it submits to is served via ssl. Mycontention is that since http is 'sessionless' in the sense that once you'vedownloaded the page you are no longer connected to the server, then typingyour cc number into a page that is not encrypted poses no security risk.It's the request for the next page (thankyou.tpl) that is the issue. Onceyou hit the submit button, the client attempts to connect to the httpsserver. The data is then sent to the https server through an encryptedconnection. Therefore, it is not essential that invoice.tpl is encrypted,as long as thankyou.tpl is. Am I correct or am I misunderstanding how httpsessions operate? Second, I'm having trouble with a client who's entire LAN is using NATto connect to the internet through one IP address. They are seeing eachother's orders from different machines Is there an easy way to fix this?With the SOHO and NAT becoming more prevalent these days, do we need tostart depending on cookies to track users?Thanks,Mike Davis
Mike_Davis
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
How flexible is Shipping? (1997)
Turning a URL into a link (2003)
Shoppingcart passing price (2000)
ReadDateFormat (1998)
[OT] - Block Traffic to DevBox (2003)
MATH PROBLEM (1997)
Error Lob.db records error message not name (1997)
oops private message leaked into talk list (1997)
I have troubles to send message out (1998)
James Hawker (1998)
WebCatalog [FoundItems] Problem - AGAIN - (1997)
Are you an WC expert? (1997)
Odd
Help with [search] sort (2003)
ShowNext truncating passed variable?? (1997)
Re:WebCat Emailer & Liststar (1997)
Mac OS X ODBC (2002)
[LOOKUP] (1997)
WebCat, switching from NT to OSX (2003)
Calendar Snippet (1998)