I have a security question. If I have a form that is located at an http:// address, but the form action is https:// - is this data secure? It gets postred right away to a https:// port, so I figure that teh data would be secure. If not, does anyone konw why?
ex - I have a form located at http://myserver.com and teh form action=https://myserver.com/proces./asp
I figure the data is posted in to teh https:// port, so why not? Thanks!
The data submitted via https will be encrypted and secure. Data transmitted by http will not.
If you are only passing form html via http, whereas form is submitted via https, the deta submitted by user is transmitted securely.
You can reduce computational burden in secure transactions by passing images and information not required to be secure (such as general site navigation, background images etc) via http instead of https. Of course the browser will prompt the user whether its OK to display the insecure data.