从HTTP到HTTPS的POST是否安全？ [英] Is a POST from HTTP to HTTPS secure?

问题描述

我有一个带有表单的HTTP页面。如果我将操作设置为HTTPS页面，请求是否安全？浏览器在将数据发送到网络之前是否会处理所有数据？或者我应该在整个网站上使用HTTPS吗？

I have a HTTP page with a form. If I set the action to a HTTPS page, is the request secure? Does the browser process all the data before it sends it to the net? Or should I use HTTPS for my entire site?

推荐答案

没有。 Troy Hunt确定了一个简单的 man-中间攻击，表明从HTTP发布到HTTPS绝不是安全的。随着免费WiFi的普及，这种攻击将非常简单。

No. Troy Hunt identifies a simple man-in-the-middle attack that shows that posting from HTTP to HTTPS is by no means secure. With the proliferation of free WiFi this attack would be very simple to execute.

http://www.troyhunt.com/2013/05/your-login-form-posts-to-https-but -you.html

这篇关于从HTTP到HTTPS的POST是否安全？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！