Securely posting data to https endpoint programmatically, no browser

Question

Is the data secure if posted programmatically (not through a browser) to an https endpoint? My understanding is browser encrypts data and sends it to https endpoint. How can a Ruby or Node.js or any other program do the same?

Answer 1

I think I understand what you mean and that question has been answered. However, I would just point out that HTTPS does not make your data secure, only the connection and even that is only encrypted from eavesdropping which is not really secure.

There is, of course, lots more to think about and do to make your data secure end-to-end.

Answer 2

I checked node.js request library as well as Ruby HTTParty libraries. Both these support SSL encryption based on proper options (port: 443 etc.). In general if we use any well supported library that enables HTTP gets and posts, we should be covered in terms of transmitting data securely to the https endpoint.

Answer 3

Yes. If you connect to an https endpoint with curl, wget, or whatever library, the transfer is secure from the source of the connection to the destination. That source could be a server (your webserver) or the client browser.

However, if it's done in client side JS or other browser scripting language, you have to make sure the initial request from client to your site is secure as well if first passing secure data to the client for it to pass to the destination https server.