Encryption of HTTP POST data

Question

Encryption of HTTP POST data

I have an HTTP POST line that I run from the cpp client program on an Apache server. The following is the POST line that will be launched from clients:

"POST %s HTTP/1.0\r\n" "Host: %s\r\n" "Content-type: multipart/form-data\r\n" "Content-length: %d\r\n\r\n" "Content-Disposition: %s; filename: %s\n"

It would be nice if someone helped me understand how I can encrypt the data that is in the Content-Disposition: field. In addition, I noticed that even if I put something inappropriate to the right of the POST line, for example: "POST %s HTTPGarbage/1.0\r\n" , the transfer will happen anyway, it would be great if I were informed about it behavior.

Thanks,
Sayansk

+1

http post https

Sayan Oct 12 '10 at 5:28

source share

1 answer

Bruno · Accepted Answer · 2010-10-13T12:31:44+0000

If you use HTTPS (which is essentially HTTP over SSL / TLS), all HTTP traffic will be encrypted from the moment you establish an SSL / TLS connection (provided that you use the appropriate cipher suites) that it is before any HTTP message . Only the server certificate (which can indicate the host name) will be visible and possibly the client certificate in some cases (if you also use client certificate authentication). URLs and all HTTP headers (and content) will be protected by SSL / TLS in this way.

If you are not using the browser as a client, you can use existing SSL / TLS libraries such as NSS (Mozilla) or OpenSSL. Ensure that you have correctly configured certificate trust and host name verification.

Encryption of HTTP POST data

More articles: