HTTPS encrypts all concept contents, such as the HTTP headers along with the request/reaction details. Except for the probable CCA cryptographic assault explained in the limitations portion underneath, an attacker should really at most have the opportunity to find that a connection is taking place concerning two parties, as well as their area names