Reputation: 2680
Using JSONP over SSL
If I want to send information to a server using SSL, presumably that's sensitive information. If I use JSONP to send it to a different domain, that sensitive information must go in the querystring. At a minimum, it seems that this information would be logged by the web server, thus exposing sensitive information. Does using JSONP over SSL make any sense?
Upvotes: 2
Views: 1310
Answers (1)
Reputation: 630389
For returning data, sure it can make sense, for requesting data though...yes you're going to expose data in the query string that can be logged at several places along the way.
Using SSL to POST the data through your own domain(and you proxying to the other) seems like a better option, if it's possible, so you're not providing data using GET at any point.
Upvotes: 2
Related Questions
- JSONP To Acquire JSON From HTTPS Protocol with JQuery
- JSONP secure-connection workaround
- Cross domain request using jsonp: from https to http
- Is it possible to make a secure JSONP request?
- HTTPS to HTTP JSONP request
- JSONP over HTTPS
- Request to a json resource from an http page to an https server
- Cross Domain JSONP over HTTPS
- HTTP site with JSONP API over HTTPS?
- 100% SSL or selective SSL, JSONP ... and no errors?