aspose file tools*
The moose likes JSP and the fly likes Hide password in Mozilla's Http Header plugin Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Hide password in Mozilla Watch "Hide password in Mozilla New topic
Author

Hide password in Mozilla's Http Header plugin

ashwin vulugundam
Greenhorn

Joined: Jul 22, 2011
Posts: 16
I have a situation here i am using JSP Login page where user need to put his username and password.
The form method here is set as POST.
With a plugin name HTTP Header the username and password can be seen in the content length.
i want to hide these parameter by programatic way. Is there any chance for this
Devaka Cooray
ExamLab Creator
Saloon Keeper

Joined: Jul 29, 2008
Posts: 2885
    
  13

Welcome to JavaRanch!
Did you mean the content-length header shows the username/passwords, or it reflects the size of the username/password? Are you sending the username/passwords in plain text or do you use some encryption like in SSL?


Author of ExamLab ExamLab - a free SCJP / OCPJP exam simulator
My Home Page -- Twitter Profile -- JavaRanch FAQ -- How to Ask a Question
ashwin vulugundam
Greenhorn

Joined: Jul 22, 2011
Posts: 16
i am sending the username and password in plain text
i.e < input type="password" name ="password" >
i am not using any encryption such as SSL.

The password value is getting visible in Content length.

Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18136
    
    8

You can't prevent the HTTP request information from being visible. If you have a password and you want to prevent other software from displaying it, then SSL is the tool to use.
ashwin vulugundam
Greenhorn

Joined: Jul 22, 2011
Posts: 16
Thanks for your reply
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Hide password in Mozilla's Http Header plugin
 
Similar Threads
Calling WS without having entry in User registry
BASIC authentication doubt.
Align Two Tables Vertically
How to set custom HTTP header for single sign on
Including information in the SOAP header in a web service invocation.