> Pardon me for saying so, but I'm missing something obvious > in this.
> We've got a 3rd party API that we call via HTTPS. They > want the data > submitted via GET (i.e. URL strings) whereas its my > understanding that > POST would be more secure. Am I correct in my > understanding or loosing > my mind? well https is an encrypted http request... both directions as I understand it, so the request from the browser (or your server) is encrypted -- that's the get or post and then the response from their server is also encrypted... but as far as I know, it's the entire http stream (the content portion of it) that's encrypted, so it shouldn't matter whether you send url or form variables because the whole stream's going to be encrypted either way. s. isaac dealey 954.522.6080 new epoch : isn't it time for a change? add features without fixtures with the onTap open source framework http://www.fusiontap.com http://coldfusion.sys-con.com/author/4806Dealey.htm ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:213121 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
