Reply content:
All of the data in HTTP itself is unencrypted. To be exact, HTTPS is not a protocol, but a combination of HTTP and SSL two technologies.
SSL is Secure Socket layer, secured sockets layers, and sometimes becomes TLS (Transport layer Security), is an extended layer between the transport layer and the application layer, can transparently encrypt the application layer data and send it through the transport layer. Therefore, an HTTP message is used for SSL transmission,
from HTTP headers to principals are encrypted。 HTTP is the protocol for the application layer HTTP is the protocol for the application layer
Look again
The principle of using the lower layer protocol from the application layer to the computer network protocol is to add the corresponding header information at each level. The principle of using the lower layer protocol from the application layer to the computer network protocol is to add the corresponding header information at each level.
The following is the application layer protocol HTTP
The following is the TCP protocol message, the data is partially populated with the contents of the HTTP protocol The following is the TCP protocol message, the data is partially populated with the contents of the HTTP protocol
Then answer the question of the main problem, the HTTP protocol is the whole is encrypted to fill the packet data portion of the TCP protocol, so not only the data portion of the Post TCP layer payload data is encrypted. The first thing you can tell you very clearly is that accessing an HTTPS site regardless of the data in the GET request or the POST request is
EncryptOf Do not believe you can refer to PHP $_get and $_post functions. Value is not submitted to PHP file, I do not see in the Address bar php suffix name? -Arms king Mori sauce answer the inside of the method to do a small grab bag, and then search by keyword string.
As for the one who said the domain name is not encrypted, which is intercepted by crawling ordinary DNS packets, and the SSL/TLS protocol itself does not matter. If you use Dnscrypt to avoid direct disclosure of access to the domain name, but the IP address is public, technically there is no way to indirectly obtain access to the domain name. Is the encryption should be first the client first encrypted, after the transmission. SSL is not the same as TLS, but they are similar, and TLS is the successor to SSL.
SSL is a binary protocol, and HTTP is a character-based protocol. If the address begins with HTTPS, the client first connects to port 80 of the target server using the HTTP protocol (this process is not encrypted). This process exchanges the version number of the two parties ' agreement, selects the password that both parties know, verifies the identity of both parties, and generates a temporary session key. The client then communicates with the server using the corresponding parameters, starting from where it was encrypted. Not encrypted, HTTP itself does not provide encryption, and the encrypted data you see in the capture package is encrypted by the session layer (SSL) below HTTP.
