4 Feb
2004
4 Feb
'04
9:22 p.m.
Dennis Allison wrote at 2004-2-4 08:09 -0800:
... The parameters passed by GET and, to a lesser extent, the URLs themselves, represent a security issue in one of our systems.
Rethink what you are doing....
.... A partial solution would be to make POST not GET the standard for parameter transmital. Has anyone tried this? I suspect there are all sorts of hidden gotchas.
"POST" requests should not be cached (as they are expected to have side effects). Otherwise, there should be no problems. -- Dieter