Someone please tell me if query string parameters are encrypted if GET request is made using HTTPS.

Thanks

Yes, the query string portion of an HTTPS GET request will be encrypted when it travels through the network.

But if the information is sensitive enough to be transmitted via SSL, it should be sent via a POST and not a GET. URLs can be stored in many unsecure ways (written to log files, bookmarked, posted to forums, etc.) so appending sensitive data to them is not wise.

although it is encrypted anybody can view the data that is being sent once u click submit button. But I have seen no changes if you replace GET by POST. The POST parameters are also shown as query string