tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wade Chandler" <wchand...@redesetgrow.com>
Subject RE: encrypting a form's action URL with HTTPS link
Date Thu, 23 Oct 2003 21:42:23 GMT
Actually URLs are.  You are using an SSLSocket.  HTTPS can't control
that fact.  Your URL using a GET is usually displayed in a browser, so
some people have this misconception.  So, yes it's all encrypted.

Wade

-----Original Message-----
From: Christopher Schultz [mailto:christopher.d.schultz@comcast.net] 
Sent: Thursday, October 23, 2003 5:38 PM
To: Tomcat Users List
Subject: Re: encrypting a form's action URL with HTTPS link


Naveen/Adam,

> 	Well yes, in case of SSL (secure socket Layer) all your form
content 
> along with the page header will go in an encrypted format.

Of note is that the URL itself is *not* encrypted, although everything 
else is. So, be careful that you specify your HTTPS form submissions as 
being POST instead of GET; otherwise your form data will go into the 
(unencrypted) URL.

-chris


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message