serializeForm

Hi folks..

I could see that "JQuery ajax searializeForm" send the data via GET.. can be this a security issue?.. the sending data is registrer in the proxies..

would be better to send data by post, at least in this case??

Best

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

> I could see that "JQuery ajax searializeForm" send the data via GET.. can be
> this a security issue?.. the sending data is registrer in the proxies..
>
> would be better to send data by post, at least in this case??

Proxies can also look at the request body.

Lukas

--
Lukas Renggli
www.lukas-renggli.ch
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

On Wed, Dec 22, 2010 at 10:22 AM, Diogenes Moreira
<[hidden email]> wrote:
> Hi folks..
>
> I could see that "JQuery ajax searializeForm" send the data via GET.. can be
> this a security issue?.. the sending data is registrer in the proxies..
>
> would be better to send data by post, at least in this case??

I do not think there is substantial difference between GET and POST in
that regard. If you do have sensitive data than you should at least
move to SSL

rush
http://www.cloud208.com/
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

Yes, but the typical log configuration of proxies is loging the url and the http result.

may be an "Security Expert" (such as in Dilbert :P ), can be open Issue for this..

But, and  Davorin are right.

Best.



_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside