Security of HTTP based authentication

Abigail abigail at abigail.be
Thu Jan 13 14:17:14 GMT 2011


On Thu, Jan 13, 2011 at 02:09:16PM +0000, Andrew Black wrote:
> On Thu, Jan 13, 2011 at 01:32:28PM +0000, Leo Lapworth wrote:
>  > You wrote that you don't send images via HTTP on a HTTPS page - what
> > > are the reasons for that?
> > >
> > 
> > Some browsers pop-up alerts if you have mixed HTTP/HTTPS on a page
> 
> I have often wondered about that - what is the risk in mixing HTTP
> images and HTTPS text?


That would depend on the image, and the request to get that image, wouldn't?


Abigail


More information about the london.pm mailing list