J. Doe
Reputation: 915
Why is header and body not encrypted when using HttpClient HTTPS requests?
Consider the following function:
private string ServerUrl = "https://api.myserver.com";
public async Task<T> PostRequest<T>(string hook, HttpContent content)
{
try
{
var response = await http.PostAsync(ServerUrl + hook, content);
var contentString = await response.Content.ReadAsStringAsync();
return Serializer.ToJsonObject<T>(contentString);
}
catch
{
return default(T);
}
}
Now it works correctly, but as I'm making requests to HTTPS shouldn't header and body be encrypted?
I'm checking things with Fiddler v4 and it isn't.
Is there something I am missing or don't quite understand how that should work?
My server uses LetsEncrypt! Self-signed certificate.
Upvotes: 0
Views: 158
Answers (1)
squillman
Reputation: 13641
Fiddler can decrypt the content before it's displayed to you in the UI. Do you have this setting enabled?
Upvotes: 1
Related Questions
- HTTPS GET call using HttpClient
- HttpClient post produces wrong headers and no body
- c# HttpClient with https gets 400 Bad Request - but http works
- Why am I getting encrypted data back from an API call?
- How to assure that data gets encrypted when using POST in httpClient
- What are the details of how HttpClient handles encryption?
- HttpClient does not decrypt HTTPS without Fiddler
- HttpResponseMessage missing headers while using HttpClient but fiddler finds it
- Do HttpHeaders get encrypted when not using https
- Encryption of HTTPS headers