Encryption of GET and POST request parameters

1

I am a beginner in java and I am studying java web, mainly Servlets and JSP. And I need to develop a web application as a college work, focused on security. For this I would like to encrypt the parameters of the URL's (in GET) and also the parameters passed in the header via POST. I would like to do this manually, without using HTTPS.

But the question is how this architecture would work (calling a class that encrypts / decrypts every time it enters a page). Has anyone done anything like this? Would you have a tip?

    
asked by anonymous 12.08.2016 / 19:30

1 answer

3

You would use some asymmetric key algorithm, and it would encrypt the GET query string or the body of the POST request using the public key before sending it to the server (use javascript to do this ). On the server you retrieve the original information by decrypting it with the private key.

However, I do not recommend you follow this line for your college work. What you're trying is just a way to reinvent a square wheel. That is, a homely and mediocre solution for a problem for which there is already a much superior, standardized and widely known solution.

    
12.08.2016 / 19:38