: HTTP and HTTPS visibility question First a little context as a lot of people have been confused by my question in the past. Everything in the 2 requests below is visible to a third party

First a little context as a lot of people have been confused by my question in the past.

Everything in the 2 requests below is visible to a third party (man in the middle attack), url, data, host name, both ip addressed, etc.

POST
foo.com/
POST Data {
foo: me,
bar: you
}

GET
foo.com?foo=me&bar=you

I belive only host name and both ip addresses are visable to the third party with the POST request below.
foo.com POST Data {
foo: me,
bar: you
}

My question, is the same viable or is the GET data also visible compared to the POST request over https with this one?
foo.com?foo=me&bar=you

10.01% popularity Vote Up Vote Down

: How to correctly remove parameters from the Google index? Within the GWT console under URL Parameters there are two settings that I'm not clear on. What is the difference between setting a URL

@Michele947

Posted in: #GoogleSearchConsole #UrlParameters

2 Comments

: Find percentage of sessions that include view of a single URL It's easy enough to find the percentage of views a single page has, but I'm trying to find percentage of sessions that include

@Michele947

Posted in: #GoogleAnalytics

1 Comments

: Google Analytics Not Tracking Mobile Visitors A Google Analytics account I have access to seems to completely ignore visits from handheld devices. I originally noticed as the traffic count from

@Michele947

Posted in: #GoogleAnalytics #GoogleTagManager

0 Comments

: Website being indexed twice by Google Website is being indexed by Google twice. Both indexes have the right SEO information for the home page, such as title and description. However for the

@Michele947

Posted in: #GoogleIndex #GoogleSearch #GoogleSearchConsole #Seo #Wordpress

0 Comments

Login to post a comment!

1 Comments

Sorted by latest first Latest Oldest Best

@Vandalay111

First, this kind of question is better asked at security.se. It was asked there several times and has extensive answers. See for example security.stackexchange.com/questions/12531/ssl-with-get-and-post.
In short: HTTPS is just HTTP inside a TLS tunnel. This means that both HTTP request and HTTP response are protected by TLS and thus the parameter are encrypted for GET and for POST requests. But there are several reasons why you should use POST anyway, like data from GET leaking into HTTP referer, log files etc.

10% popularity Vote Up Vote Down

Feed

: HTTP and HTTPS visibility question First a little context as a lot of people have been confused by my question in the past. Everything in the 2 requests below is visible to a third party

More posts by @Michele947

: How to correctly remove parameters from the Google index? Within the GWT console under URL Parameters there are two settings that I'm not clear on. What is the difference between setting a URL

: Find percentage of sessions that include view of a single URL It's easy enough to find the percentage of views a single page has, but I'm trying to find percentage of sessions that include

: Google Analytics Not Tracking Mobile Visitors A Google Analytics account I have access to seems to completely ignore visits from handheld devices. I originally noticed as the traffic count from

: Website being indexed twice by Google Website is being indexed by Google twice. Both indexes have the right SEO information for the home page, such as title and description. However for the

Login to post a comment!

1 Comments

Back to top | Use Dark Theme