Does asp.net webform encrypt data for a simple form? -
i have simple asp.net web-form has login section. when login form submitted asp.net web-form encrypt data before sending on http.
i have doubt due netspark website scan.
i have same application in mvc , asp.net web form also.
when run netspark community edition on both application similar login form vulnerability warning password transmitted on http mvc based application not asp.net webform based application.
no, http not encrypt form data. asp.net uses http protocol, , no better that.
what should use https, secure variant of http protocol, relies on certificates in order encrypt data between server , client less become victim of man-in-the-middle attack.
i guess there different configuration (http vs. https) on both applications, may explain issue.
Comments
Post a Comment