jQuery in Action, 3rd edition
The moose likes Security and the fly likes Is using HTTPS that simple? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Is using HTTPS that simple?" Watch "Is using HTTPS that simple?" New topic

Is using HTTPS that simple?

J. Frederik

Joined: Mar 06, 2013
Posts: 16
Will the data (like parameter "name") from this connection be encrypted and safe just by using "https" as scheme or is there something else I have to do, to make sure only the recipient can read the data?
And I do not mean advanced stuff, I just want to know if I use https the way it is supposed to be used.

Thanks a lot!

Jayesh A Lalwani
Saloon Keeper

Joined: Jan 17, 2008
Posts: 2678

Yes, the entire URL is encrypted, so even the GET parameters will be encrypted between the client and the Server

However, and this is a big however, most HTTP servers log the URL after it has been decrypted. If you are sending a parameter in the GET request, the parameter is part of the URL. So, the parameter will also be logged. This might create a security issue for you because anyone who has access to the HTTP logs might see sensitive information.
J. Frederik

Joined: Mar 06, 2013
Posts: 16
Thank you very much for your friendly and helpful reply!
I agree. Here's the link: http://aspose.com/file-tools
subject: Is using HTTPS that simple?
It's not a secret anymore!