从HTTP提交到HTTPS的数据:是否已加密? [英] Data submitted from HTTP to HTTPS: is it encrypted?

问题描述

我在一个不安全的网站(HTTP)上有一个表单.当用户单击提交时，数据被POST加密到一个安全的网站(HTTPS).

数据加密了吗?

换句话说，加密是否取决于当前页面的协议，数据所提交到的URL，或者如果两个站点之一使用SSL总是将其加密吗?

我知道，我知道，显而易见的解决方案是保护第一个站点.不幸的是，目前这不是一个选项.

I have a form on an unsecured website (HTTP.) When the user clicks Submit, data is POSTed to a secure website (HTTPS.)

Is the data encrypted?

In other words, does encryption depend on the protocol of the current page, the URL to which the data is being submitted, or will it always be encrypted if one of the two sites is using SSL?

I know, I know, the obvious solution would be to secure the first site. Unfortunately, that is not an option at this time.

推荐答案

不，您发送初始POST请求时未加密.服务器对该请求的响应将建立加密会话，之后的所有内容都将被加密，只要它停留在HTTP上即可.

No, it''s not encrypted when you send the initial POST request. The response from the server to that request will setup the encryption session and everything after that will be encrypted, so long as it stays on HTTP.

这篇关于从HTTP提交到HTTPS的数据:是否已加密?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！