Can I just also mention, that relying on encrypted forms (based on a
static key from the server) is not very good practice.
At the very most, you can rely on it for client side obfuscation, but
don't ever rely on it for security.
An SSL certificate is almost certainly the way to go if you want to
protect data from being sniffed.
If you want to protect against CSRF, then see:
http://docs.djangoproject.com/en/dev/ref/contrib/csrf/
Hope this helps.
Cal
On 01/11/2010 11:19, ckarrie@googlemail.com wrote:
> Hi everybody,
>
> is there a way not to send form data in plain-text format? I've found
> jCryption for PHP ("In short words jCryption is a javascript HTML-Form
> encryption plugin, which encrypts the POST/GET-Data that will be sent
> when you submit a form."). Is there a way to crypt data without using
> SSL?
>
> Thanks, Christian
>
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
No comments:
Post a Comment