HTTPS request break down

Question

can my ISP know what I am doing on facebook from my requests? "/profile.php?id=101010101010" "/john.profile"

or they can just know I browse [facebook.com] over HTTPS?

So if I'm reading this right, you want to know if a request made from the index.php file will travel over HTTP or HTTPS, given that you reached the index.php page from an HTTPS connection? — Ohnana, Dec 04 '15 at 14:53
GET request is made from Client->Server asking for the "/home/index.php" over HTTPS — raphael148, Dec 04 '15 at 15:01
No, just when you have some GET-parameter in the request uri like index.php?path=... — Daniel Ruf, Dec 04 '15 at 15:03
so when I am asking for the "/home/index.php" over HTTPS (domain.com) I am just exposing an HTTPS request over domain.com or the filepath too "/home/index.php" ? — raphael148, Dec 04 '15 at 15:04
Nothing is exposed here at least as the transport is encrypted using TLS. — Daniel Ruf, Dec 04 '15 at 15:05
Also see http://security.stackexchange.com/questions/30976/can-urls-be-sniffed-when-using-ssl — Polynomial, Dec 04 '15 at 15:16

score 1 · Accepted Answer · edited Mar 17 '17 at 10:46

1

No, your ISP can not see this.

edited Mar 17 '17 at 10:46

Community

answered Dec 04 '15 at 15:04

Daniel Ruf

This is not correct, or is at least very misleading. GET parameters are encrypted. – Polynomial Dec 04 '15 at 15:16
You can still see them in logfiles even when you use HTTPS – Daniel Ruf Dec 04 '15 at 15:19

1 Answers1