Joshua Simpson wrote:
On Thu, Feb 28, 2008 at 3:30 PM, Richard K Miller <[EMAIL PROTECTED]>
wrote:
Good point. Also, in an SSL transaction, POST variables are encrypted
but GET variables are not.
Not true. SSL establishes a connection before any HTTP data is sent. GET
is just as encrypted as POST using SSL. Still, GET variables are cached in
a variety of sources (notably, the client's browser).
Josh is right. The only unencrypted data that snoopers could see in this
case is the IP address and port number you are talking to.
Even though the query string is visible in your browser's address bar
it's still encrypted on the wire.
--Dave
_______________________________________________
UPHPU mailing list
[email protected]
http://uphpu.org/mailman/listinfo/uphpu
IRC: #uphpu on irc.freenode.net
