Reputation: 641
Is this a secure connection?
I have a function that opens new browser tab and loads a lot of data into it:
var contact_id = $('#contact_id).val();
$.ajax({
type: 'POST',
url: 'contacts.php',
data: 'id' + contact_id,
success: function(data) {
var win = window.open("data:text/html, " + encodecURIComponent(data));
win.focus();
}
});
The users connects thought https protocol and clicks on a link with a contact name to get additional data on this new tab page. But when this new tab gets opened it doesn't specify what protocol it is. Seems like the data being given out unsecurely, am I correct?
I have tried to replace this line:
var win = window.open("data:text/html, " + encodecURIComponent(data));
to this one:
var win = window.open("https:text/html, " + encodecURIComponent(data));
But then I get Request-URI Too Large (Apache).
Please help.
Upvotes: 0
Views: 69
Answers (1)
Reputation: 2493
The "text/html" part of the argument is the content-type, it has nothing to do with the transport protocol http or https.
However, what you are doing is simply displaying the results of the POST in a new window, you are not performing a new request to the server. So, you only have to worry about the original POST being sent over https.
You can confirm this in the network tab of google chrome dev tools for example.
Upvotes: 1
Related Questions
- HTTPS with nodejs and connect
- Is SSL secure connection available without browser call?
- Setting up a secure connection between a node.js server and a jQuery client
- Insecure response error with HTTPS on remote computer
- HTTPS Server in Node.js
- Secure HTTP connection
- How secure is SSL connection??
- How to refer to https with javascript
- Javascript and jQuery not secure over https
- SSL connection in JavaScript