Hi Wes, thanks for the response, i've been wondering myself where would be any difference, but couldn't find any, from the server point of view. Still the proxies logs are a real threat. If some one else is reading it, don't think that POST is secure, one can sniff anything from post.
Best greetings, Paweł Wielgus. 2008/10/29 Wes Wannemacher <[EMAIL PROTECTED]>: > On a get request, the password would be present in the URL - > > http://localhost:8080/yourApp/Login.action?username=username&password=yourpassword > > This is probably not a *huge* deal, but there are places where > requests might be logged... Proxy servers, etc. > > -Wes > > 2008/10/29 Paweł Wielgus <[EMAIL PROTECTED]>: >> Hi Hernán, >> >>> Of course, you should never use GET when submitting a password, but that's a >>> privacy concern you (developer) just deal when writing your jsp. >> >> could You elaborate more about the reason why? >> >> Best greetings, >> Paweł Wielgus. >> > > > > -- > Wesley Wannemacher > President, Head Engineer/Consultant > WanTii, Inc. > http://www.wantii.com >
