<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Chapter 7 : Security - Using SSL with Ajax</title>
<link rel="stylesheet" href="https://ajaxref.com/ch7/global.css" type="text/css" media="screen" />
<script src="https://ajaxref.com/ch7/ajaxtcr.js" type="text/javascript">
<script type="text/javascript">
function prepareRequests(form)
{
var url;
if (form.ssl.checked)
url = "https://ajaxref.com/ch7/hello.php";
else
url = "https://ajaxref.com/ch7/hello.php";
var options = { method: "GET",
outputTarget: "responseOutput"};
AjaxTCR.comm.sendRequest(url, options);
}
window.onload = function ()
{
document.requestForm.requestButton.onclick = function () { prepareRequests(this.form); };
};
</head>
<body>
<div class="content">
<h1>Ajax Request via SSL</h1>
<form action="#" name="requestForm">
<fieldset>
<table width="100%">
<tr class="row">
<td width="125">Send through SSL:</td>
<td>
<input type="checkbox" name="ssl" checked="checked" />
</td>
</tr>
</table>
</fieldset>
<br />
<input type="button" name="requestButton" id="requestButton" value="Send Request" />
</form>
<br />
</div>
<div id="response" class="results">
<div id="responseOutput"></div>
</div>
<br /><br />
<div id="scenarios">
<h3>Scenarios</h3>
<p>To avoid interception you should use SSL for transmission. However, because of same-origin you need to make sure you are at the correct version
of the site as you play with the example. The SSL version would be <a href="https://ajaxref.com/ch7/ssl.html">https://ajaxref.com/ch7/ssl.html</a>
while the standard non-encrypted version is at <a href="https://ajaxref.com/ch7/ssl.html">https://ajaxref.com/ch7/ssl.html</a>. Your browser
<strong>should</strong> have a problem if you are not at the appropriate address corresponding to the checked SSL state.</p>
</div>
</body>
</html>
Report a bug