Reputation: 435
HTTPS POST data is not encrypted
I am trying to understand in practice, what are the differences between POSTING data using the same web page with and without SSL (HTTPS) so I've created a PHP file with a single form, a textfield and a button to post data and I didn't notice any changes on the headers except one CACHE variable.
For instance, after posting the form, under the Network tab of the Developer Tools, I can fully read the header and form contents in both connections with or without SSL.
My question is: With a https:// localhost POST, aren't this headers suposed to appear encripted?
Upvotes: 0
Views: 781
Answers (2)
Reputation: 173652
SSL is an end-to-end encryption between the web server and the web browser; this means that the traffic in between those two endpoints is encrypted.
Since you're at one end (the browser), you can see what has been sent and received, but someone in between can't.
Upvotes: 3
Reputation: 944320
The entire request and the response will be encrypted between the browser and the server.
Since you are looking at the headers using the browser, you won't see the encrypted form of the data as it has access to the unencrypted version.
Upvotes: 0
Related Questions
- I can't get $_POST parameters in php once website SSL done
- Does HTTPS make POST data encrypted?
- error posting data with curl and ssl
- PHP cURL provides SSL-Error AFTER sending the data?
- How to send HTTPS posts using php
- PHP post data to an HTTPS page
- POSTing to https form not always working
- SSL post in php
- POST data encryption - Is HTTPS enough?
- can't submit a form via POST with PHP over SSL