You're viewing a comment by Peter Balogh and its responses.

Peter Balogh Permalink
May 04, 2012, 17:26

The thing is, I don't see anything the example code above to indicate that this is hosting any part of the app (the form or the node.js server app) via https. Am I missing something?

The node.js code doesn't reference any .pem files. Was this left out for the sake of concision? Or if not, how is this an https server?

Comment Responses

jake Permalink
May 19, 2012, 22:26

The entire stripe library is loaded in via https:// and all AJAX calls are done vai https://. in other words, stripe.js is entirely secure. The only risk you have of loosing ANYTHING is the token that stripe returns, which is useless unless you have the secret key (which is secret and stored server-side)..

Reply To This Comment

(why do I need your e-mail?)

(Your twitter name, if you have one. (I'm @pkrumins, btw.))

Type the first letter of your name: (just to make sure you're a human)

Please preview the comment before submitting to make sure it's OK.