Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW

comment on

( #3333=superdoc: print w/replies, xml ) Need Help??
I think what you are doing doesn't make much sense.

Let's break down redirects for two cases:

GET request
Carries all the information in the URL. You could redirect this request easily, but there is no point in doing that. Why? Because whoever was sniffing your traffic has already sniffed the data. Transfering the same data again over HTTPS just gives the attacker lots of clear text to try "known plaintext" attacks against your secret key.
POST request
POST request does not carry the data in the URL, that data is posted separately, once the connection is established. However, handling of redirected POST requests is extremely browser dependant.
In addition, if your form is directed to a HTTP address, the people filling out the form won't see the little "safe-data" lock in the corner of their browser window, even thought their data might be safe.

In short, if you control the forms enough that you could switch them from GET to POST, you control them enough to change the address to https. And if you find a way to implement what you're planing, it won't do you any good.

Except that you will learn something of mod_perl - that may or may not make it worth it to you.

In reply to Re: Switching to SSL under mod_perl by matija
in thread Switching to SSL under mod_perl by jest

Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":

  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or or How to display code and escape characters are good places to start.
Log In?

What's my password?
Create A New User
Domain Nodelet?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (3)
As of 2022-05-17 06:51 GMT
Find Nodes?
    Voting Booth?
    Do you prefer to work remotely?

    Results (65 votes). Check out past polls.