which web path is secure https to http or the opposite?

Web A is https while Web B is http only

Which path is secure?

Reque开发者_JAVA技巧st from Web A to B or Web B to A?

I've been thinking which one should have a signature scheme and which is to be confident in TLS.

• Request from A to B is not secure.
• Request from B to A is secure.

In fact every WEB request made to https://... is secure.

This being said even a request from B to A might not be 100% secure. Because B was served over HTTP and it was not secure it means that the client has no way of ensuring that the contents comes from B. A Man-In-The-Middle could have replaced it with some other contents and thus in reality the final request might not be towards A but towards C (where C is evil).

to verify the authenticity of the request made, a signature is used if the channel is across non ssl pages