Chris de Vidal wrote:
Can you confirm GET strings are also encrypted?
I'm sure they do. But try to clear the URI from IE's history (using
javascript), both username and password will be there.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Matt Matijevich said:
snip
I'm about 90% sure that URL strings are passed in the clear to SSL
servers, so this would defeat the purpose of SSL.
/snip
I don't think this is true. You can see the query string in the
address bar, but (with what little http knowledge I have) the http
2 matches
Mail list logo
