AniDB

Talk:SSL Encryption: Difference between revisions

Page Discussion

Talk:SSL Encryption (view source)

Revision as of 01:23, 19 November 2012

549 bytes added ,  19 November 2012
→‎Security?: new section
(SSL Key Changed, Never Documented?)
 
(→‎Security?: new section)
Line 32: Line 32:
start: 1272957972 - Tue May 04 2010
start: 1272957972 - Tue May 04 2010
end:  1303542973 - Sat Apr 23 2011
end:  1303542973 - Sat Apr 23 2011
== Security? ==
"All requests for images, stylesheets and other page elements are NOT encrypted. Such requests should usually not be directed towards "anidb.net" but rather towards specific subdomains [and] do not include the AniDB authentication cookies and should thus not allow attackers to hijack your AniDB session."
You guys are aware there are ways to use css to trick various browsers into executing scripts, and hence running code that hijacks sessions and bypasses https... right? [[User:Dantman|Dantman]] 02:23, 19 November 2012 (CET)
Dantman
2

edits

Retrieved from "https://wiki.anidb.net/Special:MobileDiff/17017"
MediaWiki spam blocked by CleanTalk.
MediaWiki spam blocked by CleanTalk.