• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

a simple question about ssl

 
Mahola Nawado
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I call a.jsp with http. In a.jsp, I have a link calling b.jsp with https. In b.jsp, I have a link calling c.jsp with http.
d1 = http request for calling b.jsp
d2 = http response which sends b.jsp
d3 = http request for calling c.jsp
d4 = http response which sends c.jsp
Which of d1, d2, d3, d4 are encrypted? Thanx...
 
Bruno Grossi
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I thing that d1 and d2 are encrypted.
 
Mahola Nawado
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thank you bruno... but isnt there anybody here who knows the answer of this question and sure about it..???
 
Mahola Nawado
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
still waiting for an answer...
 
William Barnes
Ranch Hand
Posts: 986
Eclipse IDE Firefox Browser Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The communications between a.jsp & b.jsp are secure, nothing else.
 
Nicholas Cheung
Ranch Hand
Posts: 4982
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The data transmited through the 2 SSL endpoints are encrypted, since only a.jsp and b.jsp communicate using SSL (HTTPS), thus, only d1 and d2 are encrypted.
Sometimes, when you are browsing a site using SSL, there may be a pop up: "Now, you are going to read a page that is not protected by SSL", something like that, which means, the current page you are browsing is using SSL, however, the link you are clicking is NOT. And thus this message appears.
Nick
 
scott p laplante
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
d1 through d4 would all have to be implemented over https as well, as other posters have said. any server-side includes when processing b.jsp would also (naturally, but mootly, as it's server-side) be secure.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic