i have a question if using SSL will encrypt both the query string and the Post request body which contain the fields values ?
and if the answer is yes,,
Then does this mean that i can be 99% confidence than an attaker will not be able to modify both the query string & the post body request?
BR
Then does this mean that i can be 99% confidence than an attaker will not be able to modify both the query string & the post body request?
SSL only encrypts and hide the information from a third party. However the hackers own request he can do whatever he wants with them, even if they are sent encrypted. As I said SSL only protects against a third party, not anything else.
A golden rule in all web development is, NEVER trust input data, Encrypted or not.
even if the attacker is Authenticated using a username and password to my web site.
The hacker can send whatever he see fit to the server, his request will be encrypted and protected against a third party, but he can send just whatever he want and your code, if you do not folow the line of never trust input data, he might breach into your server yeah.
So yet again SSL ONLY protects against a third party ( and even that some times not )
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With