[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 196
  • Last Modified:

https form action

Hello.

I need clarification about submitting form data to a secure server. My current paradigm is that in order to submit form data securely, you need to be submitting from a page hosted on a secure server, such as https://domain.com, and submitting to a page on that server.

But I just went to a website that claims that, "The form is submitted using an HTTPS form action. All sensitive data is encrypted before transmission and is never sent as clear-text." The page the form is on does not appear to on a secure server, that is, the URL looks like http://domain.com/form.html. I looked at the source code, and the form is posting to a secure server, action="https://secure.domain.com/gateway.

Is this arrangement possible? It would seem that you couldn't establish an encryption scheme until after you have arrived at a page on the secure server. Would this arrangement cause any kind of warning message when a form is submitted?
0
sentientearth
Asked:
sentientearth
  • 2
  • 2
1 Solution
 
strickddCommented:
With a secure connection the sending and recieving page have to be https://. However it is possible, if the two sites are on the same server to send information to an https:// page from one that is. Being on the same server will make it secure. Then when the https:// page is called, it will usually call another encrypted page and passback any information to the http:// page.
0
 
sentientearthAuthor Commented:
Hmm. Wouldn't the form data still have to travel unencrypted from the visitor's browser to the secure page?
0
 
strickddCommented:
Correct, but it will be encrypted for part of the journey.
0
 
sentientearthAuthor Commented:
I'm not sure I follow. Isn't the data unencrypted until it reaches the receiving page? Sorry to be slow on this...
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now