stackoom
  简体   繁体   中英

Java servlet: do parameters sent with doGet() get encoded using HTTPS?

 原文  2014-10-27 18:49:09       java/ servlets

Question

If I have a java servlet using doGet() such as: 

public class MyServlet extends HttpServlet {
protected void doGet(HttpServletRequest request, HttpServletResponse response)
...
param1 = request.getParameter("param1");
...

and it gets accessed by calling https://www.mydomain.com/MyServlet?param1=hello .

Is param1 secure since I'm using https (that is, param1 is not visible to anyone but the user accessing the link)? Or, is it visible because doGet() places param1 in the HTML header? If the latter, what's equivalent doPost() look like here?

1 answers

solution1
 2 ACCPTED  2014-10-27 18:56:41

If the link originates in the https site, then its fine.

If the link does not originate in the https site, its not. Like if you literally put that link on another site, or same site using http. So if you had http://www.example.com/ and it linked to https://www.example.com/MyServlet?param1=hello then it wouldn't actually be secure because you printed out the link over plain text.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Java Servlet java.lang.NullPointerException at doGet() Java servlet synchronize doGet inside doPost Invoke the doGet Servlet method from java class Error 404 - Java Servlet Doget Controller Method Execute doGet in Servlet from java prgram Java servlet doGet() not refreshing after first call Calling Java Servlet with GET but processing request with POST - calling doPost via doGet technically still a GET action? Servlet-Cannot get a list in doGet methos Getting parameter from a doGet in Servlet using Ajax Java: get parameters like are Sent in One String, using get method
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM