Paul Clapham wrote:And going back to Bear's answer; it contains the implicit suggestion that you should find out the criteria for when GET and POST are acceptable. Then once you have done that, apply those criteria to your question.
Bear Bibeault wrote:"sensitive data" is never a criteria for deciding whether to use a POST or a GET. A POST is no more "secure" than a GET.