I have a landing page on http://example.com ;that has an ajax login bar on it, which sends the user's login to the server, receives the authentication response, and displays it to the user.The problem with this approach, is that user login information is sent in cleartext to the server, without SSL encryption. However, when doing the same POST request to https://example.com, NGINX responds with 401 Unauthorized.In what ways might we be able to use https://example.com/user_api as the authorization URL?Many thanks!
Calling HTTPS APIs from HTTP pages via javascript
- Thread starter TG.scaR
- Start date