post data from https to http

fobster

im assuming i have this correct.

when you request data via https, it comes to the browser encrypted

but what if you post data to a page that is not ssl encrypted, does that mean that the data sent to the server is encrypted and the page returned by the server is not encrypted??

thx

Wynder

It doesn't come to the browser encrypted -- rather, it's sent over an encrypted pipe. On either end it's still plain text. You're fine sending post data HTTPS to HTTP and vise versa.

fobster

Thx for your response. i just want to clarify. So if it's sensitive data im sending, it should be ok if i post the data from https to http? the sensitive data will still be sent through the encrypted pipe???

Wynder

Unless you browse to https it is sent plain text... I thought you were trying to figure out if POST data would be encrypted someway when you actually tried to manipulate it.

mmilano

the uri you are sending the data to must begin with https.

fobster

thx 🙂, this info helped