Meaning of Network Transmission warning dialog ?
Thiago Macieira
thiago at kde.org
Fri Dec 1 13:06:38 GMT 2006
Yuri Baranov wrote:
>After filling the fields and clicking submit, I got warning dialog
>from the browser (screenshot attached),
>The developer postulates, that the data from the form on the payment
>site is always posted encrypted, but the http response may come back
>unencrypted. This does not break any security, according to him,
>because the response contains no sensitive information - only "payment
>accepted" or "payment rejected".
The warning is only shown if Konqueror received the form HTML in SSL mode
(encrypted) but is about to send the form data back to the server without
SSL encryption.
So, yes, your credit card number was sent unencrypted across the Internet.
Without more details on the web form in question, I can't give you more
information.
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <https://mail.kde.org/mailman/private/kfm-devel/attachments/20061201/4bd94403/attachment.sig>
More information about the kfm-devel
mailing list