File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Is using HTTPS that simple? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Is using HTTPS that simple?" Watch "Is using HTTPS that simple?" New topic
Author

Is using HTTPS that simple?

J. Frederik
Greenhorn

Joined: Mar 06, 2013
Posts: 16
Will the data (like parameter "name") from this connection be encrypted and safe just by using "https" as scheme or is there something else I have to do, to make sure only the recipient can read the data?
And I do not mean advanced stuff, I just want to know if I use https the way it is supposed to be used.

Thanks a lot!

Jayesh A Lalwani
Bartender

Joined: Jan 17, 2008
Posts: 2274
    
  28

Yes, the entire URL is encrypted, so even the GET parameters will be encrypted between the client and the Server

However, and this is a big however, most HTTP servers log the URL after it has been decrypted. If you are sending a parameter in the GET request, the parameter is part of the URL. So, the parameter will also be logged. This might create a security issue for you because anyone who has access to the HTTP logs might see sensitive information.
J. Frederik
Greenhorn

Joined: Mar 06, 2013
Posts: 16
Thank you very much for your friendly and helpful reply!
 
Don't get me started about those stupid light bulbs.
 
subject: Is using HTTPS that simple?
 
Similar Threads
HttpClient login, search and get the HTML content
Call a web service from j2me application
HTTP/1.1 401 Authorization Required with HttpClient 4.1.1
http client + thread save conn manager + execute get request time problems
Connecting to https urls from Java