I'm using
Java Scripts for send Ajax requests. Please look at the following code fragment:
var url="/ajaxr.do";
url=url+"?username"+username;
url=url+"&password="+password;
url=url+"&sid="+Math.random();
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("GET",url,true);
xmlHttp.send(null);
In the above example, I'm sending a password as a Http GET request. Now I have two questions.
1. Sending a password as a GET request, is not good for security. So, how can I send it as a POST request?
2. If the password contains some special symbols (eg: ? % & #), then the request will be failed with the query
string! How can I solve this?
Please kindly provide an answer for this.
Thanks,
Treimin.