Hey all... I've got a problem that I would like some ideas on...
I have an https (secure site) and I would like to pass a variable from javascript back to the server via an ajax call. The variable is sensitive and I would like to keep it secure. If I request the ajax page with the url variable, will it be encrypted with https? The web being what it is seems to show some disagreement on this issue. I have read that the entire url (including the variables) is sent in the clear. However, I saw somewhere else that only the domain is in the clear when the dns request is made; after the DNS request, the secure socket is created and everything including the path, filename. and any variable is encrypted through SSL. Does anyone know for sure which of the above is correct? are url parameters encrypted on SSL connections? If they are not encrypted, does anyone have a good solution to encrypt, or is my best bet to change from a GET to a POST request for security? Thanks, Frank ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------