Janey
Reputation: 1310
$.ajax post function security
I'm looking into security for my webapp. I currently log in my user using an ajax post to a php file.
$.ajax({
type: "POST",
url: "login_StartUserSession.php",
data: ({usr: theUser, pwd: thePassword}),
cache: false,
dataType: "text",
success: function(data){.....}
I'd like to know how this data is passed to the server. Is it just in plain text by default? Is this a possible security issue? Am I able to encrypt the password without using HTTPS?
Upvotes: 1
Views: 99
Answers (1)
ceejayoz
Reputation: 179994
I'd like to know how this data is passed to the server.
It's posted with a Content-Type of application/x-www-form-urlencoded by default, and the transferred data looks like usr=test&pwd=test.
Is this a possible security issue?
Only if the URL you're sending the data to is HTTP. You'll want HTTPS for anything sensitive.
Upvotes: 1
Related Questions
- jQuery AJAX submit form
- Is there an "exists" function for jQuery?
- var functionName = function() {} vs function functionName() {}
- Abort Ajax requests using jQuery
- Set a default parameter value for a JavaScript function
- jQuery Ajax POST example with PHP
- How to manage a redirect request after a jQuery Ajax call
- How can I get jQuery to perform a synchronous, rather than asynchronous, Ajax request?