Mixed Content

When a user visits a page served over HTTPS, their connection with the web server is encrypted with TLS and is therefore safeguarded from most sniffers and man-in-the-middle attacks. An HTTPS page that includes content fetched using cleartext HTTP is called a mixed content page.

1、介绍

When a user visits a page served over HTTPS, their connection with the web server is encrypted with TLS and is therefore safeguarded from most sniffers and man-in-the-middle attacks. An HTTPS page that includes content fetched using cleartext HTTP is called a mixed content page. Pages like this are only partially encrypted, leaving the unencrypted content accessible to sniffers and man-in-the-middle attackers. That leaves the pages unsafe.

2、例题

题目:Which of the following use cases force a browser to throw a Mixed Content warning/error? Pick ONE or More options.

我感觉答案应该是A、B、C、D全选。

参考资料

Was this helpful?

0 / 0

发表评论 0

Your email address will not be published. Required fields are marked *