Answer by martinstoeckli for Using HTTPS on the entire sites 2011 and beyond
Keeping the session cookie secure is surely one of the biggest problems, if a site switches between secure and non secure pages. But that's only a problem, because most sites combine session handling...
View ArticleAnswer by Matty for Using HTTPS on the entire sites 2011 and beyond
Your friend is right. Cookies are sent with every request, even for things like images, so you have to make sure everything is being sent securely if the cookies are sensitive.The browser warnings only...
View ArticleUsing HTTPS on the entire sites 2011 and beyond
I know this has been asked before, but I am curious what all of you guys think, with the advent of programs like firesheep, released only 6 months ago. Is it a good idea to use https on an entire site?...
View Article