开发者

Is it a secure SSL data transmission? Or not?

开发者 https://www.devze.com 2023-02-12 23:19 出处:网络
I want to get an information from one website into a php script on another website via https. I read at www.php.net on the page of the fopen开发者_如何学C() function that this function supports HTTPS

I want to get an information from one website into a php script on another website via https. I read at www.php.net on the page of the fopen开发者_如何学C() function that this function supports HTTPS protocol.

But is it really secure SSL transmission? Is GET variable "private" value is visible on the network or not? Do I get $contents value securely?

$filename = 'https://www.somesite.com/page.php?private=45456762154';

$handle = fopen($filename , 'r');

$contents = stream_get_contents($handle);

fclose($handle);


You can check by using a tool such as Wireshark. This tool will intercept the network traffic and tell you which protocol it is travelling as, and allow you to inspect the packet contents. If it's unintelligible, it's SSL :-)

As an aside, if you're using a browser (which you're not), a similar tool is Fiddler to inspect the HTTP traffic your browser is seeing.


check out this answer, https URL with token parameter : how secure is it?

In short, it is bad idea to have secure params as GET variables because the URLs get logged at servers and gets passed around in Referer headers.

0

精彩评论

暂无评论...
验证码 换一张
取 消