On Wed, Aug 28, 2013 at 7:53 PM, Samantha Atkins wrote:
> We all know about SSL so stop the lectures please. Sometimes you simply
> want to reasonably encrypt on client and decrypt on server and for one
> reason or another SSL is not an option.
SSL is always an option, you are just not choosing
So if I use sjcl.encrypt at browser then how do I do the equivalent of
sjcl.decrypt in python at server side. That is what the original question
was asking as I read it.
On Tuesday, October 9, 2012 8:24:06 AM UTC-7, Javier Guerra wrote:
>
> On Tue, Oct 9, 2012 at 12:07 AM, Laxmikant Gurnalkar
We all know about SSL so stop the lectures please. Sometimes you simply
want to reasonably encrypt on client and decrypt on server and for one
reason or another SSL is not an option.
On Thursday, October 11, 2012 7:37:43 AM UTC-7, Javier Guerra wrote:
>
> On Thu, Oct 11, 2012 at 3:39 AM, Laxm
On Thu, Oct 11, 2012 at 11:09 AM, Kurtis Mullins
wrote:
> On the other hand, some valid points raised against storing sensitive data
> in a Query String:
> http://stackoverflow.com/questions/323200/is-a-https-query-string-secure
oh, yes; the browser URL cache. effectively, that's part of the 'o
On Thu, Oct 11, 2012 at 10:25 AM, Kurtis Mullins
wrote:
> Sorry, you're probably right. I imagine there are no security risks related
> to pulling a host-name from a DNS server. However, I do not know if the case
> is the same for an HTTP Proxy when the query is included in the URL.
a malicious D
Sorry, you're probably right. I imagine there are no security risks related
to pulling a host-name from a DNS server. However, I do not know if the
case is the same for an HTTP Proxy when the query is included in the URL.
On Thu, Oct 11, 2012 at 11:14 AM, Javier Guerra Giraldez wrote:
> On Thu,
On Thu, Oct 11, 2012 at 10:04 AM, Kurtis Mullins
wrote:
> If you use GET requests to transmit data, there is still a chance that the
> data might be intercepted by a DNS server or Proxy Server regardless of SSL.
> I'd keep everything contained in POST and just like the others have
> mentioned, sim
If you use GET requests to transmit data, there is still a chance that the
data might be intercepted by a DNS server or Proxy Server regardless of
SSL. I'd keep everything contained in POST and just like the others have
mentioned, simply go with SSL and Signed Certificates.
On Thu, Oct 11, 2012 at
On Thu, Oct 11, 2012 at 3:39 AM, Laxmikant Gurnalkar
wrote:
> I'm using ssl at all. Still I need some data which is going through Ajax.
i'm not sure i understand correctly. do you mean "i'm _not_ using ssl
at all", or "i'm using ssl for everything" ??
if the former, then stop reading and turn
sorry, broken links:
Stanford Javascript Crypto Library
http://crypto.stanford.edu/sjcl/
crypto-js
http://code.google.com/p/crypto-js/
--
Javier
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-
On Tue, Oct 9, 2012 at 12:07 AM, Laxmikant Gurnalkar
wrote:
> I am doing a high security data transfer. The things are showstopper to
> transferring data through javascript to the python. Is it possible to hide
> data or send data over web in that should not be human readable.
i would start chec
You could obfuscate the Javascript; but there's no such thing as security
through obfuscation :)
HTTPs is your best bet in terms of getting it from the server to the client
without someone in the middle reading it.
On Tue, Oct 9, 2012 at 1:20 AM, Mike Dewhirst wrote:
> On 9/10/2012 4:07pm, Laxmi
On 9/10/2012 4:07pm, Laxmikant Gurnalkar wrote:
Hi, Guys.
Anybody knows to encrypt the content in javascript and decode it using
python and vice versa.
Not sure where you see the threat but if it is between the browser and
the server then I think your server needs to provide https encryption
13 matches
Mail list logo
