|
|
|
|
|
|
by jamalex
5169 days ago
|
|
|
Having pre-submission pages (or anything leading to the submission of sensitive data) not be over HTTPS is more than just an issue of perception; for example, a network attacker can inject javascript into the unsecure form page and read/send off the credit card details before the form is even submitted. |
|
|