dpnvrt3119 2011-01-30 22:00
浏览 54
已采纳

通过HTTPS POST表单值

I'm fairly unfamiliar with HTTPS, but I know it's secure, what I want to know is when a user logs in with details on a form, are the variables in that form (username, password) sent to the server encrypted?

I'm asking this, as I'm using a form to log people in, but I'm also hashing their passwords with MD5 together with a SALT for verification.

Also, is HTTPS secure enough to prevent any spyware running on the host from intercepting the login details?

Sorry for asking a few questions in this post, but thanks in advance for any answers.

  • 写回答

6条回答 默认 最新

  • dongtao4319 2011-01-30 22:07
    关注

    I'm fairly unfamiliar with HTTPS, but I know it's secure, what I want to know is when a user logs in with details on a form, are the variables in that form (username, password) sent to the server encrypted?

    The entirety of the HTTP request and response are encrypted.

    The DNS look-up to convert the hostname to an IP address will, however, not be.

    Also, is HTTPS secure enough to prevent any spyware running on the host from intercepting the login details?

    No. HTTPS encrypts the communication between the client and the server. It cannot prevent software on the client from interfering with the request or reading the response. This includes the possibility of an attacker intercepting the request for the form and modifying it — so the form must be sent over SSL too.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(5条)

报告相同问题?

悬赏问题

  • ¥100 角动量包络面如何用MATLAB绘制
  • ¥15 merge函数占用内存过大
  • ¥15 Revit2020下载问题
  • ¥15 使用EMD去噪处理RML2016数据集时候的原理
  • ¥15 神经网络预测均方误差很小 但是图像上看着差别太大
  • ¥15 单片机无法进入HAL_TIM_PWM_PulseFinishedCallback回调函数
  • ¥15 Oracle中如何从clob类型截取特定字符串后面的字符
  • ¥15 想通过pywinauto自动电机应用程序按钮,但是找不到应用程序按钮信息
  • ¥15 如何在炒股软件中,爬到我想看的日k线
  • ¥15 seatunnel 怎么配置Elasticsearch