Re: History
- From: Thomas 'PointedEars' Lahn <PointedEars@xxxxxx>
- Date: Thu, 08 Dec 2005 14:01:14 +0100
VK wrote:
> Thomas 'PointedEars' Lahn wrote:
>> VK wrote:
>> > Thomas 'PointedEars' Lahn wrote:
>> >> > 2) If the previus and the current page are in the same security
^^^^^^^^^^^^^^^^^^^^^^^^
>> >> > protocol (http / http or https / https)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> >> The Same Origin Policy does not apply here.
>> > [...]
>> > It is not Same Origin Policy issue, but security level upgrade /
>> > degrade
>> >
>> > Say if the previous page was _https_://www.server1.com and the current
>> > page is _http_://www.server2.com then you will not be allowed to read
>> > document.referrer (security degrade) Same for vice versa.
>>
>> [...]
>> Your misuse of the term `same security protocol' confused me. HTTP and
>> HTTPS (HTTP over SSL/TLS) are only transfer protocols. The
>> _cryptographic_ or _encryption_ protocol used for the latter is SSL/TLS.
>
> Well, this is a common shortcut to say "secure connection" or "secure
> protocol" about HTTPS,
You wrote "_security_ protocol" which is wrong.
> [windings snipped]
PointedEars
.
- Follow-Ups:
- Re: History
- From: VK
- Re: History
- References:
- History
- From: Dan
- Re: History
- From: VK
- Re: History
- From: Thomas 'PointedEars' Lahn
- Re: History
- From: VK
- Re: History
- From: Thomas 'PointedEars' Lahn
- Re: History
- From: VK
- History
- Prev by Date: Re: international phone number testing with javascript
- Next by Date: Re: unterminated string constant
- Previous by thread: Re: History
- Next by thread: Re: History
- Index(es):
Relevant Pages
|
Loading
