Is a java request sent to an HTTPS address completely secure?

Question

Is a java request sent to an HTTPS address completely secure?

I am really trying to send SMS using CDYNE and their API. For this, I use Java and HttpGet and HttpClient objects (Httpcore and HttpClient libraries). I am sending a request to the https URL by sending parameters likehttps://www.example.com/SecureREST/SimpleSMSsend?PhoneNumber=ABC&Message=XYZ

Will there be a security problem that I am using a GET request and that all parameters are in the url? What if the content of the Message parameter in the URL contains sensitive information? Can someone sniff the network to retrieve the content or is it safe as the request is sent using HTTPS?

I believe that only www.example.com is visible during the handshake process, and when this is done, everything will be encrypted, but I just want to make sure.

+5

java https sms sms-gateway

dukable May 14, '12 at 19:35

source share

1 answer

Dave webb · Accepted Answer · 2012-05-14T19:40:44+0000

Wikipedia is pretty clear:

Please note that when a client sends an HTTPS request, the host name and port URLs are not encrypted ... However, all other parts of the HTTPS request, including the URL and request parameters, can be decrypted by the destination or by an intermediary that terminates HTTPS connection on behalf of the site.

So your faith is right. Only the host name and port are opened; the rest of the URL is encrypted.

Is a java request sent to an HTTPS address completely secure?

More articles: