Re: Proposal for Lite Encryption for Login Form without SSL

On 2 Oct, 17:01, klenwell <klenw...@xxxxxxxxx> wrote:
On Oct 2, 5:53 am, "C. (http://symcbean.blogspot.com/)"
<snip>

C.

C.,

Do you mind outlining the iframe method you use?

Thanks,
Tom

Page has form with input fields for username and password, a button
and and a hidden iframe (uninitialized).
User fills in username and password, clicks a button. Button calls
javascript to set the location of the iframe passing username as a GET
parameter. This location is a PHP script which generates a javascript
which is sent to back to the browser, with $s_u and $s_s. Javascript
retieves current password value from outer window and hashes it, then
puts the value back into the password field and submits the form.

C.

.

Quantcast