This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Secure URL parameters

 
Robert Swanson
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm curious to know if the URL query parameters passed from a Java Application to a servlet are secure? Are the following bolded parameters sent as clear text? Or will connecting via an https protocol encode the URL as well?
<a href="http://localhost/test/bleh/Servlet<b rel="nofollow">?userid=temp&password=change</b>" target="_blank">http://localhost/test/bleh/Servlet?userid=temp&password=change
I have other options but would like to know how secure this is.
 
Dirk Schreckmann
Sheriff
Posts: 7023
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
They're sent as text.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic