I think there is some misunderstanding between GET and POST. As long as you are over an https (encrypted) connection than all headers are encrypted and cannot be seen by an ISP or anyone in between you and us.
posted by yegg Staff4 years and 8 months ago Link

To further clarify what @yegg is saying, because the HTTPS GET requests are encrypted, it means your ISP cannot see the URL you've requested. They will only see a request has been made to the hostname, "".
posted by Moollaza Staff4 years and 8 months ago Link
Thanks for the responses, and for clarifying this issue. I'd be curious to see if the person who originally posted this topic is satisfied with the level of security you've described, as they seem to know more about this issue than I do.
posted by <hidden> • 4 years and 8 months ago Link
My apologies to all; this is the OP, and I have been on an island with no internet access (!) for nearly three weeks. I was indeed mistaken. https: does encrypt the query string. Thanks for pointing this out. Whether this is a complete solution, I'll leave for the future.
posted by <hidden> • 4 years and 7 months ago Link