is this safe to have an HTTP request send to an HTTPs page to process? let say i have a request send from an HTTP page to an HTTPs page, will the data sent from the HTTP page be safe? I doubt it....
this is what i find in aolmail.aol.com, and amazon.com.
other sites are doing that also..
have any clue?
I should think it will be safe - as in, the SSL handshake will authenticate the server and the data will be sent encrypted.
The other way round is a problem, though - if you get an HTML page with a form through an https connection, but the form action specifies an http url. Which means, the blank form is downloaded to the browser over an ssl connection, but the filled-in form is sent to the server in the clear.