Skip to content

plaintext-client-request

Ensure XHR requests use encrypted transport

Sending XHR requests via fetch or the axios package should always be done over TLS using the https protocol and not sent in plaintext over the http protocol.

Examples

Insecure Example

fetch('http://www.example.com', 'POST', {})

axios({ method: 'POST', url: 'http://www.example.com' });

Secure Example

fetch('https://www.example.com', 'POST', {})

axios({ method: 'POST', url: 'https://www.example.com' });