博客讨论了通过使用SSL/TLS证书来增强Ajax和POST数据传输的安全性,指出即使有付费服务,也可以通过获取免费SSL证书来避免网络流量被嗅探。建议在开发注册/登录功能时,利用OpenID结合社交网络以简化安全步骤。
Just to clarify, there is not a 100% secure method to send any kind of data with Ajax, or even a normal POST.
A good practice is to use SSL/TLS Certificates, if you have a good SSL/TLS certificate nobody can sniff out the password from observing your network traffic.
Unfortunately these services are not free. (*)
If you don't want to pay for something like that and you're building a Sign Up / Log In you can simply use OpenAuth or OpenID and let people join using Social Networks avoiding many security steps both Client and Server side.
*: As suggested by Ivan Venediktov, you can now get a free SSL certificate by following this LINK.
扫一扫
4901
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
