Hacker News new | past | comments | ask | show | jobs | submit login

> Browsing on Amazon was not encrypted until quite recently. Add To Cart wasn't encrypted.

What do you mean by this? HTTPS has always been supported for browsing and adding to cart.




I think this varied by country. I was working on some HTTPS advocacy targeted at web sites before it was so ubiquitous, and I remember Amazon in the U.S. not allowing you to browse items with HTTPS probably sometime around 2010 (I think they would send a redirect back to the HTTP site).


> HTTPS has always been supported for browsing and adding to cart.

HTTPS was only experimentally supported by one browser when Amazon launched so this is clearly not the case, is it?


Definitely not in the EU. It changed 5 or 8 years ago, but before that is was not encrypted.


Even taking into account the comments below, you can still see the URLs and thus determine the products folks are browsing even with SSL.


No you can't. You can only see the domain during initial protocol setup.


Unless you have NSA-level haxx to break SSL. Wonder who might have some knowledge on the topic..




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: