Is it possible to spoof URLs even if the client interacts with the server via SSL? I ask because I am doing remote login and redirecting to a physically different server at the URL, and I wondered if the SSL connection would be prevented by security to prevent retries, etc.
The sniper will know the IP (and probably the host name) of the server you are requesting for, and the time / amount of information transferred, but nothing more.
Yes, repeated (and people in the middle) attacks are prevented by SSL if you do not trust the hacked root certificate.
( DNS-), IP-, . , .
, .
, SSL.
SSL , "" HTTP , , , .
, DNS, , , .
, -, -, , "" , , SSL- , . , , , .
, - URL- , .,
Source: https://habr.com/ru/post/1718003/More articles:Avoid XSS Vulnerabilities - Whitelist? - securityWhat is a Signature or Timestamp for an Amazon E-Commerce Web Service? - amazon-web-serviceshttps://translate.googleusercontent.com/translate_c?depth=1&pto=aue&rurl=translate.google.com&sl=ru&sp=nmt4&tl=en&u=https://fooobar.com/questions/1718000/how-to-use-multiple-threads-to-process-large-number-of-files-stored-in-the-local-disk-using-file-lock&usg=ALkJrhgWX4vqgJM4sY-Ack9-CdYs1wxBhgHibernate HQL: Convert SQL expression to HQL (with subqueries / joins) - sqlПриложение ASP.NET на 3 физических уровнях - asp.netMemberhipProvider at asp.net - authenticationExcel: removing duplicates in one column while maintaining the maximum value in the next column - filterSSL Testing with Multiple SSL Sites in IIS - iis-7What is the preferred way to execute SQL in a custom SSIS task? - sqlCross Domain Popup with Return Value - javascriptAll Articles