Re: Autobanking
Re: Autobanking
- Subject: Re: Autobanking
- From: "Craig S. Cottingham" <email@hidden>
- Date: Thu, 27 Sep 2001 13:28:36 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday, September 27, 2001, at 12:21 , Chilton Webb wrote:
On Thursday, September 27, 2001, at 09:31 AM, Craig S.
Cottingham wrote:
I have a vague recollection from a previous job several years
ago that browsers are supposed to (a) not cache pages
retrieved via https and (b) not allow viewing the page source
for such pages. To be honest, I don't think I've ever tried,
and frankly I'm not interested enough to fire up another
browser (I keep iCab running most of the time) to test this
recollection. If someone knows otherwise, well, I'll admit in
advance that my recollection is faulty. :-)
Ya know, I swear I remember the exact same thing about https
page source not being accessible to view, but I just checked
with IE and sure enough, you can see everything you'd need in
there. CGIs, form data, and all.
I wouldn't be surprised at all if the standard says that you
aren't supposed to be able to view source for pages fetched via
https. After all, we all know how well most browser
manufacturers actually implement the standards. :-)
- --
Craig S. Cottingham
email@hidden
PGP key available from:
<
http://pgp.ai.mit.edu:11371/pks/lookup?op=get&search=0xA2FFBE41>
ID=0xA2FFBE41, fingerprint=6AA8 2E28 2404 8A95 B8FC 7EFC 136F
0CEF A2FF BE41
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (Darwin)
Comment: For info see
http://www.gnupg.org
iD8DBQE7s2/aE28M76L/vkERAqh4AJ9cUau28vK7xtn2JQc53ZTpEgXuGgCgxDM+
u0JymK67farr9W4g9hNWf+g=
=QEOj
-----END PGP SIGNATURE-----