Greetings fellows
I have an inquiry about a funcionability. I have sensible data in the url, like reservationCode and I can’t assure if the data is sent by https because all I have is code, nothing else.
Should I look in the config files?
Hi…
Even if the application is using HTTPS, sensitive data should not be send in the url because that data could be saved in the browser’s history.
What “sensible” data are they transferring on the url?
1 Like
sorry for my late reply.
I can’t try that because is just code, there is no way to check if is going through http
It does not matter if application is using http or https, sensitive data must not be sent in the url.