Why not make your calling page https also?
On Jul 9, 12:02 pm, Scott <sc...@appletree.com> wrote: > hmm... that sucks... This is for allowing my members to enter > credentials and it's important to be able to allow this on an http > page. What's the best way to accomplish this? Don't other sites > allow javascript logins in http pages where the credentials are not > sent in cleartext? > > Is there a great library for encrypting the data in javascript with a > public key and then decrypting the data with a private key on the > server? > > On Jul 9, 1:01 pm, Michael Lawson <mjlaw...@us.ibm.com> wrote: > > > Hi Scott, > > > unfortunately (or fortunately depending on your POV), same domain policy > > applies to the whole domain, including > > protocol.http://www.mysite.commakinga request tohttps://www.mysite.com is > > not > > valid > > > cheers > > > Michael Lawson > > Development Lead, Global Solutions, ibm.com > > Phone: 1-276-206-8393 > > E-mail: mjlaw...@us.ibm.com > > > 'Examine my teachings critically, as a gold assayer would test gold. If you > > find they make sense, conform to your experience, and don't harm yourself > > or others, only then should you accept them.' > > > From: Scott <sc...@appletree.com> > > > > > To: "jQuery (English)" <jquery-en@googlegroups.com> > > > > > Date: 07/09/2009 03:56 PM > > > > > Subject: [jQuery] $.get ajax call on http page to https on same domain > > > > > I'm successfully able to make jQuery $.get ajax calls, everything > > works great. But some ajax calls pass credentials, so I need those > > calls to be secure. I simply try $.get("https://localhost/ajax.xml";, > > etc...); instead of http. But now it's not working, instead of an > > http get call, I see in firebug an http OPTIONS request is sent to the > > server and without the cookies. So my tomcat server returns a > > redirect to my login page (as it doesn't see a session id in the > > cookie or url) and the ajax call fails.. > > > What's going on? Why doesn't it simply issue the exact same get > > request jQuery does when the destination url is http? How can I make > > this work? > > > graycol.gif > > < 1KViewDownload > > > ecblank.gif > > < 1KViewDownload > >
