Is my form password being passed in clear text?

Posted by liinkas on Stack Overflow See other posts from Stack Overflow or by liinkas
Published on 2008-09-28T15:58:40Z Indexed on 2010/04/23 2:13 UTC
Read the original article Hit count: 350

Filed under:

http

|

html-form

|

post-method

This is what my browser sent, when logging into some site:

POST http://www.some.site/login.php HTTP/1.0
User-Agent: Opera/8.26 (X2000; Linux i686; Z; en)
Host: www.some.site
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: en-US,en;q=0.9
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Referer: http://www.some.site/
Proxy-Connection: close
Content-Length: 123
Content-Type: application/x-www-form-urlencoded

lots_of_stuff=here&e2ad811=my_login_name&e327696=my_password&lots_of_stuff=here

Can I state that anyone can sniff my login name and password for that site? Maybe just on my LAN?
If so (even only on LAN ) then I'm shocked. I thought using

<input type="password">

did something more than make all characters look like ' * '

p.s. If it matters I played with netcat (on linux) and made connection
browser <=> netcat (loged here) <=> proxy <=> remote_site

© Stack Overflow or respective owner

Related posts about http

Cannot update, apt-get cannot fetch index files

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have a fresh install of Ubuntu 11.10 from the iso 'ubuntu-11.10-desktop-amd64.iso'. I installed this in VMWare Fusion 4.1.1 running on OSX 10.7.3. When setting up the VM, I allowed easy install to take care of creating my user and installing VMWare tools. No problems during installation, everything… >>> More
the size of apt-get update lists is too big

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I ran a clean install to Ubuntu 12.04 and so far everything has been working well. I especially commend the Ubuntu team for this release. I only noticed that the size of repository update is now about ~13MB. Normally, it is about this size for the first time you run apt-get update after a clean install… >>> More
Quantal: Broken apt-index, cant fix dependencies

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I can't seem to add/remove/update packages Ubuntu software update has a notice about partial upgrades but fails Seems to be similar to this problem $ sudo apt-get update Ign http://archive.ubuntu.com quantal InRelease Ign http://security.ubuntu.com precise-security InRelease Ign… >>> More
12.04: Apt-Get Update: failure to fetch; can't connect to any sources

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I realize there are dozens of "apt-get update: failure to fetch" questions (I read through all I could find), but my present circumstance is unique to 12.04 and it affects all sources; not just launchpad. Additionally, I've tried several different servers in Europe and the U.S. as well as the "main… >>> More
How can I remove the Translation entries in apt?

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
This is the output of aptitude update: Ign http://archive.canonical.com natty InRelease Ign http://extras.ubuntu.com natty InRelease Ign http://dl.google.com stable InRelease Ign http://security.ubuntu.com natty-security InRelease Hit http://deb.torproject.org natty InRelease Get:1 http://dl.google… >>> More

Related posts about html-form

HtmlForm.Action and .Net Framework 2.0/3.5 Query

as seen on Stack Overflow - Search for 'Stack Overflow'
Disappointingly, the members page for HtmlForm 2.0 is missing... My research seems to indicate that HtmlForm.Action is a property that was added in .Net Framework 3.5. However, I'm using VS2005 and my reference to System.Web (the namespace HtmlForm is under) is to a .Net Framework 2.0 runtime version… >>> More
Posting from ASP.NET WebForms page to another URL

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Few days ago I had a case when I needed to make FORM POST from my ASP.NET WebForms page to an external site URL. More specifically, I was working on implementing Simple Payment System (like Amazon, PayPal, MoneyBookers). The operator asks to make FORM POST request to a given URL in their website,… >>> More
Problem uploading .docx through html form

as seen on Stack Overflow - Search for 'Stack Overflow'
I've made a simple form, with the proper enctype for uploading files. When i try to upload a .docx everything works fine in IE 8 and Safari, but in Firefox or IE 7 or 6 i can't even click submit, nothing happens! Could this still be a server issue? It's an apache server. Everything works fine if… >>> More
Servlet, JSP, JavaBeans and HTML form

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I'm working on a servlet that makes a connection to a database gets the information of one of the tables ans sends this information to a jsp file. This file will print on the brower the information table, adding radio buttons that allows us to choose one of the rows. The servlet looks like this: List<InfoBean>… >>> More
HTML form and a file element

as seen on Stack Overflow - Search for 'Stack Overflow'
Is is possible to insert value in an input element of a html form if the element is of type "file"? How to do so, if it is possible? >>> More