The process of sending a plain HTTP request over HTTPS is not as straightforward as it seems. When a web application sends an HTTP request, it typically uses the default port number 80 for unencrypted connections. However, due to the widespread use of HTTPS (Hypertext Transfer Protocol Secure) in modern web applications, many servers now require encrypted connections using ports 443 or even custom ports specified by the server.
For instance, if a web application uses a secure connection with HTTPS, it will typically use port 443. However, some servers may specify additional ports, such as port 8443, which is used for non-SSL/TLS connections. In this scenario, an attacker could potentially exploit the difference in port usage by sending a plain HTTP request over the insecure port.
To mitigate this risk, web developers and security professionals should be aware of the differences in port usage between HTTPS and unencrypted connections. By specifying the correct port number when establishing an encrypted connection, users can ensure their data remains secure online.
In conclusion, while sending plain HTTP requests over HTTPS ports may seem straightforward, it's essential to understand the differences in port usage between unencrypted connections and secured connections. By being aware of these differences, users can take necessary precautions to protect their data online.
https://conferences.law.stanford.edu/ipsummerschool2022/2013/12/29/et-auctor-tortor-nunc