<http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/avoid-get-non-queries.html> lists some problems to consider.
Mitchell Stoltz wrote: > Those long query strings can serve both purposes - security and > customization. They do roughly the same thing as cookies, although > each has its advantages and disadvantages. > Justin wrote: > >> I'm a newbie to web app security. Are URLs you see with long >> querystrings, >> for security reasons or to allow the end user to add to favourites >> (get the >> exact same page/situation back- url integrity). I'm learning how to >> maintain >> a 'session' with a logged-in user. >> >> Tks >> Justin >> >> >> > > >
