Occasionally, you can force an encrypted website into transferring unencrypted data by simply changing the protocol from
http in the request. While this may allow you to download the web page, this technique is a bad idea because, in addition to potentially revealing confidential data, your webbot's actions will look unusual in server log files, which will destroy all attempts at stealth.
Sometimes web developers use the wrong protocol when designing web forms. It's important to remember that the default protocol for form submission is
http, and unless specifically defined as
https by the form's
action attribute, the form is submitted without encryption, even if the form exists on a secure web page! Using the wrong network ...