Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > HTML > http and https

Reply
Thread Tools

http and https

 
 
Luigi Donatello Asero
Guest
Posts: n/a
 
      12-22-2004
I am going to have a https protocol in a short time.
Now the question is:
do you think that it would be better to have the same pages both in http and
https?
Or redirect all the pages into https?
Which are the main advantages and disadvantage of the 2 options in your
opinion?

--
Luigi ( un italiano che vive in Svezia)
http://www.scaiecat-spa-gigi.com/de/...ikel-1168.html



 
Reply With Quote
 
 
 
 
Steve Pugh
Guest
Posts: n/a
 
      12-22-2004
On Wed, 22 Dec 2004 18:23:01 GMT, "Luigi Donatello Asero"
<(E-Mail Removed)> wrote:

>do you think that it would be better to have the same pages both in http and
>https?


No.

>Or redirect all the pages into https?


Not unless all your traffic contains sensitive data.

Have transactions that will contains secure data use https and
transactions that won't use http.

>Which are the main advantages and disadvantage of the 2 options in your
>opinion?


https: secure.
http: cacheable, faster.

Steve

 
Reply With Quote
 
 
 
 
Luigi Donatello Asero
Guest
Posts: n/a
 
      12-22-2004

"Steve Pugh" <(E-Mail Removed)> skrev i meddelandet
news:(E-Mail Removed)...
> On Wed, 22 Dec 2004 18:23:01 GMT, "Luigi Donatello Asero"
> <(E-Mail Removed)> wrote:
>
> >do you think that it would be better to have the same pages both in http

and
> >https?

>
> No.
>
> >Or redirect all the pages into https?

>
> Not unless all your traffic contains sensitive data.
>
> Have transactions that will contains secure data use https and
> transactions that won't use http.
>
> >Which are the main advantages and disadvantage of the 2 options in your
> >opinion?

>
> https: secure.
> http: cacheable, faster.


Do you mean that https pages are not indexed by search engines?
--
Luigi ( un italiano che vive in Svezia)
http://www.scaiecat-spa-gigi.com/de/...ikel-1168.html





 
Reply With Quote
 
Steve Pugh
Guest
Posts: n/a
 
      12-22-2004
"Luigi Donatello Asero" <(E-Mail Removed)> wrote:
>"Steve Pugh" <(E-Mail Removed)> skrev i meddelandet
>news:(E-Mail Removed).. .
>> "Luigi Donatello Asero" <(E-Mail Removed)> wrote:
>>
>> >Which are the main advantages and disadvantage of the 2 options in your
>> >opinion?

>>
>> https: secure.
>> http: cacheable, faster.

>
>Do you mean that https pages are not indexed by search engines?


No I don't mean that. I meant what I said, nothing more.

https pages are indexed by search engines (Google for https and look
at the URL of the third result).

Steve

 
Reply With Quote
 
david.hunter@gmail.com
Guest
Posts: n/a
 
      12-22-2004
>> do you think that it would be better to have the same pages both in
http and https?

No. Why do you want to do that ?

Only put the area of the site that has the senstive data behind the
ssl. Every time you huit a page under the ssl the server has to encrypt
and decrypt your pages which affects your client's speed considerably.
Not to mention people that have that "You're going to a secure page"
pop up box enabled.

Only apply it where necessary - like the registraiotn pages, or credit
submission, etc.

There is no need to duplicate the pages if for some reason you *must*
have the enitre site behind ssl - but I can't imagine why you'd want
this.

If you mention what you're trying to accomplish we may be able to help
more.

 
Reply With Quote
 
Dylan Parry
Guest
Posts: n/a
 
      12-22-2004
Luigi Donatello Asero wrote:

> do you think that it would be better to have the same pages both in
> http and https? Or redirect all the pages into https?


Neither. The only pages that you need to have in https are the ones that
contain sensitive data such as credit card payment details etc. So I
would just put these pages there as well as any images that are on those
pages.

--
Dylan Parry
http://webpageworkshop.co.uk -- FREE Web tutorials and references
 
Reply With Quote
 
Luigi Donatello Asero
Guest
Posts: n/a
 
      12-22-2004

<(E-Mail Removed)> skrev i meddelandet
news:(E-Mail Removed) ups.com...
> >> do you think that it would be better to have the same pages both in

> http and https?
>
> No. Why do you want to do that ?
>
> Only put the area of the site that has the senstive data behind the
> ssl. Every time you huit a page under the ssl the server has to encrypt
> and decrypt your pages which affects your client's speed considerably.
> Not to mention people that have that "You're going to a secure page"
> pop up box enabled.
>
> Only apply it where necessary - like the registraiotn pages, or credit
> submission, etc.
>
> There is no need to duplicate the pages if for some reason you *must*
> have the enitre site behind ssl - but I can't imagine why you'd want
> this.
>
> If you mention what you're trying to accomplish we may be able to help
> more.


How can I grant that photo which shows a certain product which is on a http
page really comes from my website?
If the customer has to make a choice, that means whether he or she buys it,
even on the grounds of this photo, it should be on a safe page, shouldn´t
it?
But, in fact, many pages which I have on the website have photos, they are
sometimes photos which show shoes, other times for example holidays lodgings
which I show to offer my intermediation for rent to tourists.
So, the question is whether all these photos must be regarded as a part of
the offer and be placed on safe pages (https)

--
Luigi ( un italiano che vive in Svezia)
http://www.scaiecat-spa-gigi.com/de/...ikel-1168.html




 
Reply With Quote
 
Luigi Donatello Asero
Guest
Posts: n/a
 
      12-22-2004

The other option would be not to consider the photos as part of the offer
and may-be let customers print them and send me by snail-post to let me
know which photo they refer to. I could answer their inquiry and confirm
their order if I want to.
In this case the customer would do the proposal to acquire and I would
accept or reject it.
It sounds as the second option is safer.
--
Luigi ( un italiano che vive in Svezia)
http://www.scaiecat-spa-gigi.com/de/...ikel-1168.html





 
Reply With Quote
 
Steve Pugh
Guest
Posts: n/a
 
      12-22-2004
"Luigi Donatello Asero" <(E-Mail Removed)> wrote:

>How can I grant that photo which shows a certain product which is on a http
>page really comes from my website?


A user can check the photo's properties to see that it comes from your
server.

That has got nothing to do with https vs http.

>If the customer has to make a choice, that means whether he or she buys it,
>even on the grounds of this photo, it should be on a safe page, shouldn´t
>it?


No.

>But, in fact, many pages which I have on the website have photos, they are
>sometimes photos which show shoes, other times for example holidays lodgings
>which I show to offer my intermediation for rent to tourists.


Are you saying that you would refuse to buy from amazon because the
cover pics for the books aren't on a secure server?

>So, the question is whether all these photos must be regarded as a part of
>the offer and be placed on safe pages (https)


No. https has nothing to do with offering guarantee about the quality
of information on a web site. It is solely concerened with securing
the transfer of information between the browser and the server. It's a
technical solution to the problem of possible interception of http
requests, that's all.

Steve

 
Reply With Quote
 
Oli Filth
Guest
Posts: n/a
 
      12-22-2004
Luigi Donatello Asero wrote:
> <(E-Mail Removed)> skrev i meddelandet
> news:(E-Mail Removed) ups.com...
>
>>>>do you think that it would be better to have the same pages both in

>>
>>http and https?
>>
>>No. Why do you want to do that ?
>>
>>Only put the area of the site that has the senstive data behind the
>>ssl. Every time you huit a page under the ssl the server has to encrypt
>>and decrypt your pages which affects your client's speed considerably.
>>Not to mention people that have that "You're going to a secure page"
>>pop up box enabled.
>>
>>Only apply it where necessary - like the registraiotn pages, or credit
>>submission, etc.
>>
>>There is no need to duplicate the pages if for some reason you *must*
>>have the enitre site behind ssl - but I can't imagine why you'd want
>>this.
>>
>>If you mention what you're trying to accomplish we may be able to help
>>more.

>
>
> How can I grant that photo which shows a certain product which is on a http
> page really comes from my website?
> If the customer has to make a choice, that means whether he or she buys it,
> even on the grounds of this photo, it should be on a safe page, shouldn´t
> it?
> But, in fact, many pages which I have on the website have photos, they are
> sometimes photos which show shoes, other times for example holidays lodgings
> which I show to offer my intermediation for rent to tourists.
> So, the question is whether all these photos must be regarded as a part of
> the offer and be placed on safe pages (https)
>


That sounds like overkill to me. You're implying that a hacker (or
wierdo) might, for some reason, intercept a transmission from your site
to a user and replace an image (or the HTML link) of a holiday
destination with a different one?

Oli
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
HTTP SOAP/HTTP GET/HTTP POST milan_9211 Software 0 01-10-2011 02:10 PM
server side redirect https => https NOT working Axel ASP General 8 04-27-2009 02:02 AM
https authentication & storing https page in string Naveen Dhanuka Ruby 1 09-19-2007 02:05 PM
open-uri and HTTPS, or net/https with a redirect jotto Ruby 4 10-02-2006 07:26 AM
asp.net and chaning betten http and https Darren Clark ASP .Net 1 08-20-2004 10:58 AM



Advertisments