In fact, if u do not want the USER to see login.password, the simplest solution is to use the POST method. It will also prevent another person to look behind the back of your user. But it won't work if you want something REALLY secure ... (you should use SSL for that) Alex
Ed Sabine a �crit : > Or even better :) > > http://www.esus.com/javaindex/j2ee/servlets/servletdogetdopost.html > > All HTTP requests sent via anchor tags, <A>, use the GET method, hence the > values are passed in the url. On many browsers/servers there is an upper > size limit of 1k on the amount of information sent this way. > Thus when more information is required, or the information being sent is > sensitive, it pays to use the POST method. > > One disadvantage of using POST is that the information can't be bookmarked. > > Therefore you're given the option to choose between the two when sending > information via a form. > > Regards, > Ed > > -----Original Message----- > From: A mailing list for discussion about Sun Microsystem's Java Servlet API > Technology. [mailto:[EMAIL PROTECTED]]On Behalf Of Geert Van > Landeghem > Sent: 04 March 2002 14:22 > To: [EMAIL PROTECTED] > Subject: Re: How to hide ?user=xxxx&password=yyyy? > > ok, i know that but why are parameters shown when using > GET and not when using POST? > > -----Original Message----- > From: Dmitrij Trunikov [mailto:[EMAIL PROTECTED]] > Sent: maandag 4 maart 2002 15:07 > To: [EMAIL PROTECTED] > Subject: Re: How to hide ?user=xxxx&password=yyyy? > > Briefly, if you set attribute "method" in tag <form> to "GET" then your > sevlet > have to handle this form in method doGet(). If method is "POST" then your > sevlet have to handle this form in method doPost(). > > Geert Van Landeghem wrote: > > > No, it's set to GET. Can you explain me the differences between > > using doGet() and doPost() concerning this topic or redirect me > > to info explaining the differences between these two methods? > > > > -----Original Message----- > > From: Ed Sabine [mailto:[EMAIL PROTECTED]] > > Sent: maandag 4 maart 2002 15:05 > > To: [EMAIL PROTECTED] > > Subject: Re: How to hide ?user=xxxx&password=yyyy? > > > > Is your <form method="">set to POST? It sounds like it's set to GET. > > > > Regards, > > Ed > > > > -----Original Message----- > > From: A mailing list for discussion about Sun Microsystem's Java Servlet > API > > Technology. [mailto:[EMAIL PROTECTED]]On Behalf Of Geert Van > > Landeghem > > Sent: 04 March 2002 14:02 > > To: [EMAIL PROTECTED] > > Subject: Re: How to hide ?user=xxxx&password=yyyy? > > > > Ok, but I'm asking the user to enter > > these values in textfields in a form. > > > > -----Original Message----- > > From: Dmitrij Trunikov [mailto:[EMAIL PROTECTED]] > > Sent: maandag 4 maart 2002 14:50 > > To: [EMAIL PROTECTED] > > Subject: Re: How to hide ?user=xxxx&password=yyyy? > > > > Hi! > > You can use hidden parameters in html page: > > > > <input name="user" type="hidden" value="???"> > > <input name="password" type="hidden" value="???"> > > > > Geert Van Landeghem wrote: > > > > > Does anyone know how to hide parameters in the URL > > > when using the doGet() method? I just don't want > > > parameters and their value being shown in the > > > address bar. > > > > > > > > ___________________________________________________________________________ > > To unsubscribe, send email to [EMAIL PROTECTED] and include in the > body > > of the message "signoff SERVLET-INTEREST". > > > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > > Resources: http://java.sun.com/products/servlet/external-resources.html > > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > > > > ___________________________________________________________________________ > > To unsubscribe, send email to [EMAIL PROTECTED] and include in the > body > > of the message "signoff SERVLET-INTEREST". > > > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > > Resources: http://java.sun.com/products/servlet/external-resources.html > > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > > > > ___________________________________________________________________________ > > To unsubscribe, send email to [EMAIL PROTECTED] and include in the > body > > of the message "signoff SERVLET-INTEREST". > > > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > > Resources: http://java.sun.com/products/servlet/external-resources.html > > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > > > > ___________________________________________________________________________ > > To unsubscribe, send email to [EMAIL PROTECTED] and include in the > body > > of the message "signoff SERVLET-INTEREST". > > > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > > Resources: http://java.sun.com/products/servlet/external-resources.html > > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > ___________________________________________________________________________ > To unsubscribe, send email to [EMAIL PROTECTED] and include in the body > of the message "signoff SERVLET-INTEREST". > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > Resources: http://java.sun.com/products/servlet/external-resources.html > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > ___________________________________________________________________________ > To unsubscribe, send email to [EMAIL PROTECTED] and include in the body > of the message "signoff SERVLET-INTEREST". > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > Resources: http://java.sun.com/products/servlet/external-resources.html > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html > > ___________________________________________________________________________ > To unsubscribe, send email to [EMAIL PROTECTED] and include in the body > of the message "signoff SERVLET-INTEREST". > > Archives: http://archives.java.sun.com/archives/servlet-interest.html > Resources: http://java.sun.com/products/servlet/external-resources.html > LISTSERV Help: http://www.lsoft.com/manuals/user/user.html -- Alexandre Bord Division Steria T�l�com D�partement Telecom Conseil OSS (TCO) 12, rue Paul Dautier - B.P. 58 - 78142 VELIZY CEDEX 01 34 88 62 45 - fixe ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
