Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is there any inherent “safety” with using POST instead of GET? Example, if I have a page that is open to sql injection, does POST somehow keep me safer? I know it won’t make my code better, or fix my sql injection problem or any of that (just an example), but in general, can POST help a webpage be safer, regardless of what it does?
POST will do nothing for security injection.
The only possible security consideration for POST over GET is that information won’t be leaked in the HTTP referrer to sites that are linked to from the page.
It also means that the information won’t be in your webserver logs, which can be a vector for finding potential exploits … but it also means that they won’t be available for debugging unless you take alternate measures for logging the values.