You should definitely be using a POST request - an important aspect of
the design of any web application is that get requests should not
change server side state, for this exact reason.
http://stackoverflow.com/questions/46585/when-do-you-use-post-and-when-do-you-use-get
--
You received this mes
On Fri, Mar 04 2011, Szabo, Patrick (LNG-VIE) wrote:
> 127.0.0.1:800/93/1
>
>
>
> This would delete an object with the id 93.
>
> This is very unsecure and once the user notices how this works he
> could delete any object he wants.
>
>
>
> How can i make this more secure ?!
There's pretty muc
2 matches
Mail list logo
