Re: Re-write of <form action=https
From: Kevin T. Price (kpckids@cox.net)
Date: 06/26/02
- Next message: Kevin T. Price: "Re: How to make forms authentication in subdirs?"
- Previous message: Kevin T. Price: "Re: override of webconfig doesn't work...."
- In reply to: Justin: "Re-write of <form action=https"
- Next in thread: Justin P: "Re: Re-write of <form action=https"
- Reply: Justin P: "Re: Re-write of <form action=https"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Kevin T. Price" <kpckids@cox.net> Date: Tue, 25 Jun 2002 21:21:02 -0400
Since in ASP.NET the form will most likely submit to itself, and in good
practice, the HTTPS page should already be protected versus submitting a
non-secure page with someone's login information to a secure processing
page. That defeats the purpose of SSL.
-- Kevin T. Price Co-Author - .NET Framework Security "Justin" <reply@toGroup.com.au> wrote in message news:O$IlXjoGCHA.1988@tkmsftngp08... > In the login page, how do we tell asp.net to use https in the url when we > login, to ensure that the contents are submitted through SSL? See: > > <form runat=server> > > <input type=text name=username runat=server> > <input type=password name=password runat=server> > ... > > </form> > > In my confused post before, I thought you might have to use classic asp. > There are some things you can't do with asp.net html server controls I > think, like when you want to submit to a different page. For SSL, maybe you > just use <form action="https://www.mysite.com/login.aspx"> ... > > Tks > J > > >
- Next message: Kevin T. Price: "Re: How to make forms authentication in subdirs?"
- Previous message: Kevin T. Price: "Re: override of webconfig doesn't work...."
- In reply to: Justin: "Re-write of <form action=https"
- Next in thread: Justin P: "Re: Re-write of <form action=https"
- Reply: Justin P: "Re: Re-write of <form action=https"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
