Prove it -- the FIRST connection is in plain text
between the browser and the client
with the FULL URL
maybe it is
31
down vote
New answer to old question, sorry. I thought I'd add my $.02
The OP asked if the headers were encrypted.
They are: in transit.
They are NOT: when not in transit.
So, your browser's URL (and title, in some cases) can display the querystring (which usually contain the most sensitive details) and some details in the header; the browser knows some header information (content type, unicode, etc); and browser history, password management, favorites/bookmarks, and cached pages will all contain the querystring. Server logs on the remote end can also contain querystring as well as some content details.
security - Are HTTPS headers encrypted? - Stack Overflow
who fucking cares if it is not confidential data the WHY THE FUCK does in matter?
You boss finds out you are wanking on the job? are you that gullible?
Jump for joy LMAO