What is the difference between GET/POST in HTTP or HTTPS requests?

Question

Is there any difference between how GET/POST works while in HTTP or HTTPS protocols? What is visible in HTTPS GET/POST packet when you try to sniff the data? host IP? domain name? full GET request? What information TLS hides after successful handshake?

I can't seem to close this knowledge gap by looking in the internet, there's just no such question asked.

Please advice, make it reference for the internet.

Answer 1

SSL operates between the TCP and HTTP protocol layers. The browser will first lookup the server ip via DNS. This is a plain text lookup that can be sniffed. It will then contact the server on port 443 and establish an encrypted channel. Only then will it send an encrypted POST or GET request URL for the server to fulfill.

• IP addresses are not secured in any way.
• Server name is exposed in the DNS lookup.
• GET and POST URLs and server content responses are encrypted.