Answer the question
In order to leave comments, you need to log in
R
R
Robotex2011-02-03 12:26:19
Robotex, 2011-02-03 12:26:19
Sharing data between http and https?
Can a regular site send a request (GET or POST) to a secure site and get a response back? Will encryption be used in this case?
If this is not possible, then what?
2 answer(s)
@akalend
Make a separate http page for third-party developers,
and instead of an SSL key, give them an md5 salt, let them hash their data and attach the hash, and you, on your side, check your data hash and the hash sent by them.
@Robotex
A
Alexander, 2011-02-03 @akalend
Of course not,
or you did not understand the situation or you contradict yourself:
a third-party site, as simple as possible for its developers, could access my site ( naturally with signatures , etc. so as not to be faked) and receive data in response.If the site works only on https, and even monitors the keys, then http access will not last.
Make a separate http page for third-party developers,
and instead of an SSL key, give them an md5 salt, let them hash their data and attach the hash, and you, on your side, check your data hash and the hash sent by them.
R
Robotex, 2011-02-03 @Robotex
Those. I have a php script available via http, which is accessed by a third-party site via GET with salt. Next, this script makes an https request (by the way, how is this done? via curl?), generates a response and sends it to the site. But no, the answer will then go unencrypted. And I just need it not to be intercepted.
A third party site is trying to authorize a user using mine. And in response, I suppose, you need to send an authorized / not authorized response. If an attacker can fake it, then he will log in to a third-party site.
Similar questions
A
N
S
T
L
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question