The moose likes Java in General and the fly likes Secure URL parameters Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "Secure URL parameters" Watch "Secure URL parameters" New topic

Secure URL parameters

Robert Swanson

Joined: Sep 09, 2003
Posts: 2
I'm curious to know if the URL query parameters passed from a Java Application to a servlet are secure? Are the following bolded parameters sent as clear text? Or will connecting via an https protocol encode the URL as well?
<a href="http://localhost/test/bleh/Servlet<b rel="nofollow">?userid=temp&password=change</b>" target="_blank">http://localhost/test/bleh/Servlet?userid=temp&password=change
I have other options but would like to know how secure this is.
Dirk Schreckmann

Joined: Dec 10, 2001
Posts: 7023
They're sent as text.

[How To Ask Good Questions] [JavaRanch FAQ Wiki] [JavaRanch Radio]
I agree. Here's the link:
subject: Secure URL parameters
It's not a secret anymore!