Related
John I'm creating a secure web-based API that uses HTTPS; however, if I allow the user to configure it using a query string (including sending a password), will this also be secure, or should I force it to be done via POST ? dr evil Yes. But using GET for sens
John I'm creating a secure web-based API that uses HTTPS; however, if I allow the user to configure it using a query string (including sending a password), will this also be secure, or should I force it to be done via POST ? dr evil yes. But using GET for sens
Unreal Dragon I'm developing an iPhone App that connects to an https:// link to authenticate the user. From what I understand, all traffic to a server with a 256-bit private key is secure and cannot be captured, so there is no need to encrypt the data again, a
Unreal Dragon I'm developing an iPhone App that connects to an https:// link to authenticate the user. From what I understand, all traffic to a server with a 256-bit private key is secure and cannot be captured, so there is no need to encrypt the data again, a
User 1 I expose the following rest api method [OperationContract]
[WebInvoke(Method = "GET", UriTemplate = "/GetStuff?userName={userName}&password={password}&howMany={howMany}", RequestFormat = WebMessageFormat.Json, ResponseFormat = WebMessageFormat.Json)]
Th
wind blows I try to configure my server with Traefik using a Docker container. I configured Traefik to work and I got the dashboard page. The problem is that I want to have my own GitLab server. I pulled the GitLab docker image and created a docker-compose fil
rainmaker I am sending a POST request to the URL https://username:
[email protected] in a script . I know that HTTPS encrypts the credentials so they shouldn't be visible on the web. But what about server logs? Are there any other disadvantages to using this
Jared I came across a healthcare provider website that serves its web pages via aspx. The provider has a new customer form in the same aspx page. I contacted the vendor who built the website and asked why they didn't use https. They assured me that they are us
kabeth wahra If I'm being silly here, ask, but how is HTTPS more secure than HTTP? I see there are several ways HTTPS works. The server sends an encryption key to the client, the client encrypts the data with that key, and sends it back to the server. The serv
rainmaker I am sending a POST request to the URL https://username:
[email protected] in a script . I know that HTTPS encrypts the credentials so they shouldn't be visible on the web. But what about server logs? Are there any other disadvantages to using this
Jared I came across a healthcare provider website that serves its web pages via aspx. The provider has a new customer form in the same aspx page. I contacted the vendor who built the website and asked why they didn't use https. They assured me that they are us
dude I am trying to understand the difference between https and http. From what I've read so far, https is http with encryption. So in the case of the user submitting the password form, in the case of http the password will be sent over the network in a text b
good to eat I have followed this guide to secure the ActiveMQ 5.16.2 web console. I did the following configuration in mine jetty.xml: By default, authentication is set to true, so I left it like this: <property name="authenticate" value="true" />
I generated
rainmaker I am sending a POST request to the URL https://username:
[email protected] in a script . I know that HTTPS encrypts the credentials so they shouldn't be visible on the web. But what about server logs? Are there any other disadvantages to using this
Thim Anneessens I know a similar question has been asked in 2016, but I don't think the answer is enough: Secure Download Links (HTTPS) for Ubuntu Desktop There should be a clear way to get ubuntu safely instead of downloading it from http sources by default n
kabeth wahra If I'm being silly here, ask, but how is HTTPS more secure than HTTP? I see there are several ways HTTPS works. The server sends an encryption key to the client, the client encrypts the data with that key, and sends it back to the server. The serv
Jack I have been using $string = bin2hex(openssl_random_pseudo_bytes(16)) . uniqid();
Because I need some strings that are safe and unique on low temperature. The question is: is this a naive approach? Am I giving any information that could compromise the sec
William In my template I can use configuration parameters from system manager like this: Parameters:
DatabasePassword:
Type: 'AWS::SSM::Parameter::Value<String>'
Default: '/some/path/db_password'
However, I need help to use safe strings . I tried: A
pinoy_ISF We are redirecting HTTP to HTTPS using the following rules: <rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="
pinoy_ISF We are redirecting HTTP to HTTPS using the following rules: <rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="
pinoy_ISF We are redirecting HTTP to HTTPS using the following rules: <rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="
pinoy_ISF We are redirecting HTTP to HTTPS using the following rules: <rewrite>
<rules>
<rule name="Redirect HTTP to HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="
username Which one is correct and really safe? Use prepared statements: $stmt= $db->prepare("INSERT INTO books (title) VALUES (?)");
$booktitle=$_POST['booktitle'];
$stmt->bind_param('s', $booktitle);
$stmt->execute();
or use the escape function: $unsafe_v
muck_fuppet I'm having trouble implementing Symfony's security features in my project. I've configured Security.yamland created securityController, my Userclass implements userInterface, and from what I've seen on the docs I'm not missing anything. My form dis
username Which one is correct and really safe? Use prepared statements: $stmt= $db->prepare("INSERT INTO books (title) VALUES (?)");
$booktitle=$_POST['booktitle'];
$stmt->bind_param('s', $booktitle);
$stmt->execute();
or use the escape function: $unsafe_v
username Which one is correct and really safe? Use prepared statements: $stmt= $db->prepare("INSERT INTO books (title) VALUES (?)");
$booktitle=$_POST['booktitle'];
$stmt->bind_param('s', $booktitle);
$stmt->execute();
or use the escape function: $unsafe_v
muck_fuppet I'm having trouble implementing Symfony's security features in my project. I've configured Security.yamland created securityController, my Userclass implements userInterface, and from what I've seen on the docs I'm not missing anything. My form dis
username Which one is correct and really safe? Use prepared statements: $stmt= $db->prepare("INSERT INTO books (title) VALUES (?)");
$booktitle=$_POST['booktitle'];
$stmt->bind_param('s', $booktitle);
$stmt->execute();
or use the escape function: $unsafe_v
Anwar $con = mysqli_connect('localhost', 'root','', 'dbname');
if(filter_input(INPUT_POST, "register")){
$username = filter_input(INPUT_POST,'username');
$password = filter_input(INPUT_POST,'password');
$email = filter_input(INPUT_POST,'email');
$stmtInsertUs