If you think your form data is secure because it's not in the url try the FireFox Plug-In called Tamper Data.
Dave Watts wrote: >>> Anybody who's a threat to your application's security is >>> certainly aware of "view source". >>> >> And I am sure they would have access to other means such as >> packet capture...your point? >> > > My point, which should be staggeringly obvious to anyone who develops web > applications, is that placing data in a form provides no additional security > than placing data in a URL. > > Your choice of GET vs POST should be, as Jochem mentioned, determined by > what kind of operation you want to perform, not by the security or lack > thereof in either case. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > > Fig Leaf Software provides the highest caliber vendor-authorized > instruction at our training centers in Washington DC, Atlanta, > Chicago, Baltimore, Northern Virginia, or on-site at your location. > Visit http://training.figleaf.com/ for more information! > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:271578 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
