File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Java in General and the fly likes Secure URL parameters Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "Secure URL parameters" Watch "Secure URL parameters" New topic

Secure URL parameters

Robert Swanson

Joined: Sep 09, 2003
Posts: 2
I'm curious to know if the URL query parameters passed from a Java Application to a servlet are secure? Are the following bolded parameters sent as clear text? Or will connecting via an https protocol encode the URL as well?
<a href="http://localhost/test/bleh/Servlet<b rel="nofollow">?userid=temp&password=change</b>" target="_blank">http://localhost/test/bleh/Servlet?userid=temp&password=change
I have other options but would like to know how secure this is.
Dirk Schreckmann

Joined: Dec 10, 2001
Posts: 7023
They're sent as text.

[How To Ask Good Questions] [JavaRanch FAQ Wiki] [JavaRanch Radio]
I agree. Here's the link:
subject: Secure URL parameters
It's not a secret anymore!