Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Is using HTTPS that simple?

 
J. Frederik
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Will the data (like parameter "name") from this connection be encrypted and safe just by using "https" as scheme or is there something else I have to do, to make sure only the recipient can read the data?
And I do not mean advanced stuff, I just want to know if I use https the way it is supposed to be used.

Thanks a lot!

 
Jayesh A Lalwani
Rancher
Posts: 2756
32
Eclipse IDE Spring Tomcat Server
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, the entire URL is encrypted, so even the GET parameters will be encrypted between the client and the Server

However, and this is a big however, most HTTP servers log the URL after it has been decrypted. If you are sending a parameter in the GET request, the parameter is part of the URL. So, the parameter will also be logged. This might create a security issue for you because anyone who has access to the HTTP logs might see sensitive information.
 
J. Frederik
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thank you very much for your friendly and helpful reply!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic