- From: Tom Molesworth <tetra604@gmail.com>
- Date: Fri, 29 Sep 2006 12:18:30 +0100
- To: www-talk@w3.org
hi there, > Hello, i would like to make an application to a webserver > that uses the http protocol, but encripted. i dont want to > use https or ssl or tls.... is it possible to encrypt http > and all the browsers can read the page???? > thnx for your help As far as I know, there isn't a commonly-deployed standard (outside HTTPS) for this type of encrypted communication, but it's fairly straightforward to implement encryption in Javascript, and use that to exchange information between the client and server once the page has been loaded. Take a look at this page: http://www.movable-type.co.uk/scripts/TEAblock.html for a simple encryption algorithm, there's also a link on that page to an implementation of AES, which should provide better security if required. Whichever implementation you go for, the actual data can be exchanged with XMLHttpRequest or IFRAME techniques as usual, see http://www.ajaxian.com for more info on that. Most browsers support Javascript, but you'd need some sort of fallback for anyone who has disabled it - mobile/cell phone browsers usually don't implement Javascript, for example.
Received on Friday, 29 September 2006 14:57:19 UTC