[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed Aug 10 03:43:11 2005
From: jeff-kell at utc.edu (Jeff Kell)
Subject: Insecure http pages referencing https
fd@...nsci.us wrote:
> On Wed, 10 Aug 2005, Nick FitzGerald wrote:
>>fd@...nsci.us wrote:
>>
>>>Today I realized that many "secured" web sites reference their secure
>>>login page from an insecure page.
>>Welcome to, ohhh, 1997???
>>I can't be bothered looking it up, but this is ancient.
> Ok, good -- I'm not missing something then. Almost a decade later and
> they still repeat history. Guess its time to contact the vendor - wheee!
> A note for those who use online banking: check for the s!
If you use Firefox or Mozilla (and if not, why not? :-) ) look into the FormFox plugin, which will show you the target of a click-button POST.
Doesn't help the crappy javascript versions, but good for most.
Jeff
Powered by blists - more mailing lists