|
|
|
|
|
|
by discreditable
4063 days ago
|
|
|
I've seen non-https sites serve up HTTPS iframes. The whole iframe thing just seems like a bad idea for processing credit information. Ignoring HTTP interception, it's difficult for customers to verify that the iframe is indeed coming from an HTTPS site. |
|
|