i have a question on the way data is sent from a html document to a server to be processed. when we submit detials through a html form the data gets sent to the server to be processed but as plain text right... if this is the case how can companies claim that they are totally secure, is there some way that b4 the data is sent it is encrypted by just using a simple html form with form tags to a cgi script ?? or is this always in plain text format ???

would it be safer to get the data through and applet and then output the result again or use a cgi to process the data and out put again ? and if i write to a file using an applet is it possible for anyone to somehow get the data being typed into the textfeilds, im not actually sure about how an applet works, does it run on the server or on the users computer , its hard trying to find info on how things work but easy to find info on how to code, the reson im asking is i ultimatly need to know which method would be more secure if i want to get data from a user and the write it to a file on the server

thanx for any info

(It would be easier to answer your question if it had a) decent spelling b) decent grammar c) capitalization).

when we submit detials through a html form the data gets sent to the server to be processed but as plain text right

Correct.

if this is the case how can companies claim that they are totally secure, is there some way that b4 the data is sent it is encrypted by just using a simple html form with form tags to a cgi script ?? or is this always in plain text format ???

No, the data is sent over SSL (i.e. HTTPS) -- the actual content and the scripting remains exactly the same. SSL is transparent any higher level protocol stuff - it basically sets up the encrypted channel and then allows a regular HTTP transaction to take place.

im not actually sure about how an applet works, does it run on the server or on the users computer

The users computer. The Java bytecode is downloaded from the server, and executed in a JVM on the client's computer.

------------------
- Klamath
Get my GnuPG Key Here (http://klamath.dyndns.org/mykey.asc)
Looking for an open source project to contribute to? Check out the Tornado HTTP Server (http://sourceforge.net/projects/tornado)

oh ok , i understand .
btw sorry about the spelling and grammer.

Originally posted by lazy_cod3R:
would it be safer to get the data through and applet and then output the result again

that's another way to do it. hushmail.com uses a java applet to communicate. i think they use something insane like 1024 bit encryption. the only thing that ever gets sent in plaintext is your login name. hell, even the java applet is downloaded over a secure connection.



------------------
"Assembly of Japanese bicycle require great peace of mind."
Registered Linux User #188285 http://counter.li.org/