cometta
Reputation: 35689
Are browser cookies and other headers visible during HTTPS?
When using a HTTPS connection are browser cookies and HTTP headers visible as plain text? That is, is only the body of the HTTP content encrypted?
Upvotes: 4
Views: 979
Answers (2)
Ed Heal
Reputation: 60007
All https is http over an encrypted connection i.e. the contents of the TCP/IP packets are encrypted.
Upvotes: 1
djd
Reputation: 5178
Both the request and response are fully encrypted – so the cookies and all headers are protected. About the only thing visible to an external sniffer is the host and remote address (IP) that you're requesting.
Upvotes: 5
Related Questions
- Reading cookies via HTTPS that were set using HTTP
- HTTP Cookies and Ajax requests over HTTPS
- Is the cookie dependent on the browser?
- Secure Cookies on http requests
- Is cookie in https secure?
- Is HTTP header Referer sent when going to a http page from a https page?
- Is a cookie secure in a HTTPS connection?
- are cookies secure from hijacking over http
- Does SSL also encrypt cookies?
- how SSL & cookies work?