[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-ssl
Subject:    Re: [apache-ssl] GET request on https
From:       Ben Laurie <ben () algroup ! co ! uk>
Date:       2002-11-01 9:18:01
[Download RAW message or body]

Nilesh Gujarathi wrote:
> Hi ,
> 
> I have a question with related to GET URL request over https.
> 
> When i send any name value parameter data in URL GET request say:
> https://10.10.10.10?index.html?name=user&password=secret
> 
> Q1. Is the absolute path "index.html?name=user&password=secret" sent
> encrypted over the network?
> Is "GET /index.html?name=user&password=secret http/1.1" encrypted?

Yes.

> Q2. Would proxy be able to cache the the above complete URL aling with  
> user
> and password parameters ?

Not if you are doing end-to-end SSL.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff


-----------------------------------------------------------------------------------
to unsubscribe, send a blank email to: apache-ssl-unsubscribe@lists.aldigital.co.uk

[prev in list] [next in list] [prev in thread] [next in thread]