File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Security and the fly likes Is using HTTPS that simple? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Is using HTTPS that simple?" Watch "Is using HTTPS that simple?" New topic

Is using HTTPS that simple?

J. Frederik

Joined: Mar 06, 2013
Posts: 16
Will the data (like parameter "name") from this connection be encrypted and safe just by using "https" as scheme or is there something else I have to do, to make sure only the recipient can read the data?
And I do not mean advanced stuff, I just want to know if I use https the way it is supposed to be used.

Thanks a lot!

Jayesh A Lalwani
Saloon Keeper

Joined: Jan 17, 2008
Posts: 2746

Yes, the entire URL is encrypted, so even the GET parameters will be encrypted between the client and the Server

However, and this is a big however, most HTTP servers log the URL after it has been decrypted. If you are sending a parameter in the GET request, the parameter is part of the URL. So, the parameter will also be logged. This might create a security issue for you because anyone who has access to the HTTP logs might see sensitive information.
J. Frederik

Joined: Mar 06, 2013
Posts: 16
Thank you very much for your friendly and helpful reply!
I agree. Here's the link:
subject: Is using HTTPS that simple?
It's not a secret anymore!