Is it possible to force a browser to use http in an ssl enabled (https) website?
I was doing a security research on storing the session id in local storage instead of storing it in cookies. I understand that it is not possible to tag the values in local storage as HttpOnly and so it may be vulnerable to XSS attacks. Si… Continue reading Is it possible to force a browser to use http in an ssl enabled (https) website?