需要SSL支持我的网站上的Facebook身份验证吗?
[英]Need SSL to support Facebook authentication on my site?
问题描述
I am making a Rails site that lets people sign in, only using Omniauth authentication with Facebook. 
我正在制作一个Rails网站,使人们只能使用Facebook的Omniauth身份验证进行登录。 No passwords are entered into my site. 没有密码输入到我的网站。 Is it still beneficial to have SSL on my site? 它仍然是有益的在我的网站SSL? Or does the Facebook authentication route pretty much take care of that? 还是Facebook身份验证路线可以解决这个问题? I know SSL is required for Facebook apps/sites that appear in FB, and that is NOT my case. 我知道FB中显示的Facebook应用/网站需要SSL,但这不是我的情况。
I know it will work, just like I can have a login screen with email/password without SSL. 我知道它会工作,就像我可以使用不带SSL的电子邮件/密码登录屏幕一样。 It will work, but it's not exactly secure. 它可以工作,但是并不完全安全。 I'm looking for a recommendation... if I don't have SSL on my site, what info is passed that would not be secure? 我正在寻找建议...如果我的网站上没有SSL,则会传递哪些不安全的信息? And is that info worth having my own SSL certificate to hide it from anyone watching? 而且该信息值得拥有我自己的SSL证书以对任何观看者隐藏吗?
2 个解决方案
解决方案1
0 2012-08-08 03:49:48
部分答案:即使您的应用程序用户启用了安全浏览,也可以在没有SSL的情况下正常运行。
解决方案2
0 2013-03-09 19:44:23
它的ipage,通过HTTPS浏览时显示错误
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.