[HTTPS-Everywhere] Overriding warning about insecure form submission
https-everywhere at lists.grepular.com
https-everywhere at lists.grepular.com
Mon Oct 31 04:12:11 PDT 2011
On 31/10/11 10:50, Kristen Eisenberg wrote:
> A small number of sites have hardcoded form submission targets to
> use HTTP URLs, which generates a warning that
>
> Although this page is encrypted, the information you have entered is
> to be sent over an unencrypted connection and could easily be read by
> a third party.
>
> Two current examples are
>
> https://pay.reddit.com/
I've come across this too. A possible fix for this might be for the
HTTPS-Everywhere addon to intercept form submissions and rewrite the
action attribute according to the rulesets.
--
Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc
Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20111031/57d4d857/attachment.sig>
More information about the HTTPS-everywhere
mailing list