m0g
Reputation: 969
Do I need to use SSL on a web page if the web service already uses it?
Would a web page need to use SSL in order to prevent eavesdropping if it makes all requests through the web service that already uses SSL?
I am leaning more towards yes it would need to use SSL on the web page side as well but I am not confident.
Can someone explain to me why the web page would need it or not?
Upvotes: 0
Views: 37
Answers (1)
Marc B
Reputation: 360762
If nothing else, the parent page should be loaded through SSL as well to prevent any "mixed content" warning messages. Even if the service calls in the background are done via SSL, the main page won't show the usual SSL indicators, making users think it's totally unsecured.
Upvotes: 1
Related Questions
- Is SSL/TLS still needed on same machine WS calls
- Does configuring a web server with SSL break regular HTTP
- If my web site is HTTPS does every call for data or a static page have to be HTTPS also?
- do i need ssl on my web application?
- Do I need HTTPS communication within a webapp and a webservice on the same instance?
- providing SSL for Web Service that runs on IIS
- ASP.NET "HTTPS" WebService
- Is it mandatory to use SSL?
- Does calling a secure Web services (HTTPS) requires more setup?
- Do I need an SSL certificate if using a secure webservice?