This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
I call a.jsp with http. In a.jsp, I have a link calling b.jsp with https. In b.jsp, I have a link calling c.jsp with http. d1 = http request for calling b.jsp d2 = http response which sends b.jsp d3 = http request for calling c.jsp d4 = http response which sends c.jsp Which of d1, d2, d3, d4 are encrypted? Thanx...
The data transmited through the 2 SSL endpoints are encrypted, since only a.jsp and b.jsp communicate using SSL (HTTPS), thus, only d1 and d2 are encrypted. Sometimes, when you are browsing a site using SSL, there may be a pop up: "Now, you are going to read a page that is not protected by SSL", something like that, which means, the current page you are browsing is using SSL, however, the link you are clicking is NOT. And thus this message appears. Nick
d1 through d4 would all have to be implemented over https as well, as other posters have said. any server-side includes when processing b.jsp would also (naturally, but mootly, as it's server-side) be secure.