HTTPS-only mode (is briefly mentioned and I recommend to LWN readers)
HTTPS-only mode (is briefly mentioned and I recommend to LWN readers)
Posted Jun 12, 2024 13:44 UTC (Wed) by eduperez (guest, #11232)In reply to: HTTPS-only mode (is briefly mentioned and I recommend to LWN readers) by eru
Parent article: Firefox 127.0 released
Even if the information is irrelevant to outsiders, and even if the intranet cannot be accessed from outside, the credentials travel unencrypted; a rogue employee could gain access to the credentials from other users, and use those credentials on other internal systems.
Posted Jun 13, 2024 10:05 UTC (Thu)
by eru (subscriber, #2753)
[Link]
HTTPS-only mode (is briefly mentioned and I recommend to LWN readers)
Usually these kinds of intranet mini sites do not use authentication. They are just for distributing some information in a convenient way.