Incorrect, they are both equally INSECURE. One could argue that a post is slightly hidden by a thin veil. But it is not hard to look behind that veil and get all the data.
-------------- Ian Skinner Web Programmer BloodSource www.BloodSource.org Sacramento, CA "C code. C code run. Run code run. Please!" - Cynthia Dunning ....-----Original Message----- ....From: Damien McKenna [mailto:[EMAIL PROTECTED] ....Sent: Thursday, July 28, 2005 8:30 AM ....To: CF-Talk ....Subject: OT: Security of GET vs. POST via HTTPS? .... ....Pardon me for saying so, but I'm missing something obvious in this. .... ....We've got a 3rd party API that we call via HTTPS. They want the data ....submitted via GET (i.e. URL strings) whereas its my understanding that ....POST would be more secure. Am I correct in my understanding or loosing ....my mind? .... ....Thanks. .... ....-- ....Damien McKenna - Web Developer - [EMAIL PROTECTED] ....The Limu Company - http://www.thelimucompany.com/ - 407-804-1014 ....#include <stdjoke.h> .... .... .... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:213118 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54