Re^5: CGI MySQL insert/update special characters


Keep It Simple, Stupid
	PerlMonks

Re^5: CGI MySQL insert/update special characters

by jcb (Parson)

on Mar 30, 2020 at 01:26 UTC ( #11114788=note: print w/replies, xml )

Need Help??

in reply to Re^4: CGI MySQL insert/update special characters
in thread CGI MySQL insert/update special characters

If the client drives the use of a secure channel, either using TLS on port 443 or TLS upgrade on port 80, the entire request (including the URL) will be sent encrypted. If the server demands an upgrade to HTTP/TLS (RFCs define a way to do this on port 80) before responding, then the entire request (including the body of a POST(!)) will have been initially sent in plaintext and then be repeated encrypted after the TLS negotiation is performed.

The bigger problem with putting login parameters in URLs is that URLs are generally assumed to not be sensitive and tend to get stored all over the place, including server logs and browser history.

Comment on Re^5: CGI MySQL insert/update special characters

In Section Seekers of Perl Wisdom

Node Status^?

node history
Node Type: note [id://11114788]
help

Chatterbox^?

How do I use this? | Other CB clients

Other Users^?

Others studying the Monastery: (4)

As of 2021-02-24 19:55 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

No recent polls found

Notices^?