What's the security difference between GET and POST. This has nothing to do with security.
Semantically and for the sake of REST: If you use a form to retrieve something from your application, it may even more make sense to use a GET. On the other hand if you change something (add/update) with your form you should definitely use a POST. Cheers, Timo On Aug 13, 2:09 pm, "Chris Hartjes" <[EMAIL PROTECTED]> wrote: > On 8/13/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > > > A small request for developers of Security component. :-) Please make > > an ability to switch off form data validation and autocreation of > > hidden '__Token' fields when using Security and form/ajax helper in > > Cake 1.2. > > > I know about Controller->disableFields. But automatically generated > > __Tokens are inserted into the form anyway. This is not good for forms > > with GET method. > > Why would you EVER use a form that uses the GET method. That's like > PHP security 101. > > -- > Chris Hartjes > Senior Developer > Cake Development Corporation > > My motto for 2007: "Just build it, damnit!" > > @TheBallpark -http://www.littlehart.net/attheballpark > @TheKeyboard -http://www.littlehart.net/atthekeyboard --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---