@earlephilhower Either way I don't think that @hasenradball really needs https
Considering that most browsers will give warnings about self-signed certificates
and all the fuss with setting up https
Thanks for the Info I will have a look at the https examples, but if its not faster than http it is not an benefit for me. :-)
Earle F. Philhower, III
HTTP's auth is insanely insecure (plaintext b64!) so using TLS to protect that is generally a good practice (but slow on the 8266). But yes, there's no way to keep the browser itself from knowing the password...that's just kind of silly. Anyway, the examples do show both methods so he should be able to choose accordingly. Good luck!
@earlephilhower If it's only required for sending passwords, then I would go with encrypting it in JS with some master password. Using TLS without validating server cert (i.e. clicking through self signed warning) is also insecure (third party can trick you into entering password on their server)
Hello is it possible to send a post request to the ESP8266Webserver with json-formatted data or has the data always be in the type of x-www-form-urlencoded?