|
|
|
|
|
|
by jackowayed
4898 days ago
|
|
|
Yes. Otherwise an attacker could serve a page that looks just like your page, but has different javascript that ships them the credit card numbers. If you're not using SSL, you should just assume that an attacker can break your page in every conceivable way. |
|
|