Reputation: 4519
Can you send information to your server securely without https?
I have a regular website with no login process. There was never anything on it that needed to be private so I'm using http. However I recently added an "E-mail Me" form, and some people might include sensitive information emailing me.
If the data is sent to my server with an Ajax
$.post, can the data be read by someone watching the network traffic?If so, Is there anyway I can secure it without switching to https?
OK: So def Yes to no 1.
For everyone that said no, why can't I use my own public-key/private-key for this?
Upvotes: 0
Views: 70
Answers (3)
Reputation: 28
The short answer is NO. The long answer is that if you use js, the person monitoring the traffic will be able to know how you encode the data and easily decode it. If you use server side language (C# for example), the data will be transmitted as plain text to the server so the person monitoring the traffic will be able to read it clearly. The only way is that you use a secure connection (HTTPS)
Upvotes: 0
Reputation: 73301
If the data is sent to my server with an Ajax $.post, can the data be read by someone watching the network traffic?
Yes, for sure
If so, Is there anyway I can secure it without switching to https?
No, not really/practically.
Upvotes: 1
Reputation: 1820
You will need to use https, there is no other way to truly secure the information
Upvotes: 0
Related Questions
- Is SSL required for a website if the data is actually passed securely to the server?
- Is it possible to have a secure web form without an https server?
- jQuery ajax and SSL?
- How can I do a HTTPS-TLS JQuery Ajax Post?
- HTTPS request via AJAX from HTTP page
- sending personal info over http in an ajax post. Is it secure? Why?
- Javascript, ajax - with xmlhttp - over https
- Ajax post via https from an http page
- Is there a way to securely send information in Ajax?
- If a HTTP web page makes an ajax request to a HTTPS url is the post secure?