[4292] in WWW Security List Archive
Re: SSL and CGI
daemon@ATHENA.MIT.EDU (laweb)
Sat Feb 8 00:42:49 1997
Date: Fri, 7 Feb 1997 17:59:54 -0800
To: www-security@ns2.rutgers.edu
From: laweb@gyw.com (laweb)
Errors-To: owner-www-security@ns2.rutgers.edu
Tom,
SSL doesn't alter transmitted data, so your script will work just fine.
Encryption only occurs to data between the server and the browser, not in
between the server and the cgi. I.e. data which is visible on the browser
is same with or w/o SSL, and similarly data transmitted between the server
and the cgi is the same.
If this doesn't make sense, I'll reword.
Troy
>SSL Pros:
>
>I have a CGI script that takes form field data information from credit
>applications that are spread over 3 seperate pages. It then creates a
>(.cvs) data file that can be read by excell.
>
>My question is this: Will Verisign SSL cause a problem with the
>funtionallity of the CGI script. Since the CGI script (perl) reads the
>application pages (1,2 & 3) on the fly, and places information in a
>hidden field on the following application page, I was wondering if the
>encription procces of SSL would stall out the what is now a perfect
>little script.
>
>Answers, question solutions...
>
>Tom A
>tommygun@earthlink.net
Troy Korjuslommi
Technical Director/Webmaster
ALLIANCE STUDIO [WEST]
ph. (310) 458-0884
fx. (310) 395-5741
e. laweb@gyw.com
w3. http://gyw.com/alliance/
************* recommendations to the fortune standard I ******************
You shall know the Linux and the Linux shall set you free.
