HTTPS encrypts all information contents, including the HTTP headers and the ask for/response data. With the exception of the possible CCA cryptographic attack described in the restrictions section under, an attacker must at most have the opportunity to find that a connection is happening among two parties, together with their area names and IP addr