Ahh, I see
So what I think you are saying is that I should force the Credit Card
transaction form to https even if it is submitted from a http page.
That makes sense.
--
Tim Coy
Timco Electronics Pty Ltd
[EMAIL PROTECTED]
> The ideal mode of operation for SSLEXT is that the user does not
The idea of "flopping" sounds good to me :-)
Thanks for the tips
--
Tim Coy
Timco Electronics Pty Ltd
[EMAIL PROTECTED]
> I haven't found that to be the case; I nearly always see just the
> "important data" forms being protected via SSL, which is what I would
>
e the user from directly entering the SSL pages
without a valid session, which is also something I would like to fix.
I will have a look at sslext and thanks for the tip.
--
Tim Coy
Timco Electronics Pty Ltd
[EMAIL PROTECTED]
> sslext: http://sslext.sourceforge.net/ is one way.
>
> I a
e site and
then proceed with their purchase without forcing the user back to SSL.
My question is
What is the best way to ensure that once a user has signed on that all
transactions are via the SSL?
--
Tim Coy
Timco Electron
4 matches
Mail list logo
