如果您使用https将您的网址参数将会从嗅探安全吗？ [英] If you use https will your url params will be safe from sniffing?

问题描述

假设我的设置与可通过HTTPS访问的网页一个简单的PHP的Web服务器。 URL具有简单的参数，如https://www.example.com/test?abc=123。这是真的，在这种情况下，这里的参数就会从人们嗅探数据包安全吗？并会如果服务器不使用任何SSL证书，这是真的吗？

Suppose I setup a simple php web server with a page that can be accessed by https. The url has simple parameters like https://www.example.com/test?abc=123. Is it true that the parameter here in this case will be safe from people sniffing the packets? And would this be true if the server does not employ any SSL certificate?

推荐答案

是您的网址是从嗅探安全;然而，一个孔，很容易overlooken是，如果你的页面引用任何第三方的资源，如谷歌分析，添加内容什么，你的整个URL将被发送到引用者的第三方。如果它真的敏感它不会在查询字符串的归属。

Yes your URL would be safe from sniffing; however, one hole that is easily overlooken is if your page references any third party resources such as Google Analytics, Add Content anything, your entire URL will be sent to the third party in the referer. If its really sensitive it doesn't belong in the query string.

至于你的问题的第二部分，你不能，如果你没有在服务器上的证书使用SSL。

As for your second part of the question, you can't use SSL if you don't have a certificate on the server.

这篇关于如果您使用https将您的网址参数将会从嗅探安全吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！