I have i开发者_如何学Pythonndex.php and I have a login form:
<form method=post action="login.php" id="login">
<input type="text" size="16" maxlength="30" name="login" id="login_user" />
<input type="password" name="pass" id="login_pass"/>
<input name="msubmit" type="submit" value="Login" />
</form>
How can I make sure that the form gets processed through a secure line?
Do I have to add https://?
<form method=post action="https://test.com/login.php" id="login"
Any ideas?
Thanks.
Yes, the best way is to specify https:
<form method="post" action="https://domain.com/login.php" id="login">
<input type="text" size="16" maxlength="30" name="login" id="login_user" />
<input type="password" name="pass" id="login_pass" />
<input name="msubmit" type="submit" value="Login" />
</form>
Even if index.php was served through a secure channel, it is good practice to explicitly specify https on the post action because this is the request which sends sensitive data over the wire. But it is also recommended to have index.php served through https only.
Use https protocol. Also treat all the parameters as tainted - and get the PHP script to process them in a responsible fashion.
*I.e. parse (regular expressions) them and escape them if necessary when using a database/command line *
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论