Y
Hacker News
new
|
ask
|
show
|
jobs
by
prophesi
2632 days ago
It should be noted that SSLstrip is a thing. Those sites would need to properly force HTTPS, which is easy to get wrong. And it's much easier to allow both HTTP/HTTPS.