Programming Tips - What's more secure, HTTP's GET or POST?
Q. What's more secure, HTTP's GET or POST?
A. They both send the user-entered data as plain text
(unless you are using SSL).
With GET the user sees when he entered (including hidden variables)
in the URL in his browser's address bar. URLs have a practical
length limit so GET should not be used when there is tons of
data. Also a messy URL is ugly.
URLs are logged by the webserver so you don't want a password in a URL.
In conclusion: POST is a bit more secure since user input isn't logged
(by the webserver anyhow)