I'm wondering if their are security issue with the following.
I have a website that I'm working on. http://Cardp.ca (with NO SSL). They have a registration form on a seperate url with sensitive information, https://cardpregister.com (has SSL). Until I remake the Secure form and add an SSL on http://cardp.ca , is their any security issue if:
On a page in http://cardp.ca I make an iframe of https://cardpregister.com so users can feel like they are still on cardp.ca in the mean time?
Thanks for any input,
Mods - Sorry if this is the wrong location
1 Replies - 1040 Views - Last Post: 09 June 2012 - 03:02 AM
Replies To: Security with an IFrame of https site in a non-https site
Re: Security with an IFrame of https site in a non-https site
Posted 09 June 2012 - 03:02 AM
That shouldn't be a problem. The browsers won't let you interact with the contents of an iframe, unless it's source matches the URL of the main page. That is, unless the domain name, the protocol (http and https would be different protocols) and the port are the same.
Page 1 of 1