Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Security  RSS feed

 
Jeff Dube
Ranch Hand
Posts: 44
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
I am working with a form and i need some explanation about the <form method> and the <enctype>.
What is the difference between get and post (method) and wich enctype should i use to have a secure form. Is it possible to hide the informations in the url when i submit my form to my jsp page?
Thank you, everything is unclear to me...
Jeff
 
DC Dalton
Ranch Hand
Posts: 287
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The get & the post methods are completely different. The get appends the form info to the url & sends it that way (IE: www.somwhere.com/programOrJspPage?username=username&password=password. The post on the other hand sends the form info via a packet. NEVER EVER use a get method with sensative information! It can be grabbed in a second. Rule of thumb is "if your just requesting (or sending) a page name or something like that you use get.....if your sending form info use post". The enctype attribute of the form tag is used to specify the MIME type of info your sending. IE: enctype=multipart/form-data specifies that not only the form info is being sent to the server but the user is also sending files (Photos, documents, whatever) The enctype really has no bearing on the security......its MIME type......hope that helps
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!