Tuesday, March 31, 2009

Posting across secure domains

Came across this issue in the last few days. If your browser is at https://securedomain1/... and you need to POST to https://securedomain2/..., you cannot trust this, as later versions of the IE and FF browsers (and, I would assume, Opera and other browsers also) detect this and notify the user, who is given the option to manually move on or not!

This is just a point of note. Usually one should aspire to design a web application where posting from one secure domain to another does not occur. Typically in an e-business website, the payment detail page will be secure and often hosted by a third party. Hence the rest of the website is non-secure, as HTTPS is not required there. You don't want your website to be served over HTTPS and then have to redirect to a third party in a different secure domain over HTTPS.
