WebApp Sec mailing list archives
Re: When GET = POST?
From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 11 Nov 2002 21:22:12 -0500 (EST)
The popular Perl module CGI.pm creates a CGI "object," and parameters are handled through a param() method on that object, which basically hides whether the input came from GET or POST methods. See: http://stein.cshl.org/WWW/software/CGI/#named_param Start at "Fetching The Names Of All The Parameters Passed To Your Script" It wouldn't surprise me if other Perl CGI modules had the same abstraction layer. From the program's point of view, you rarely care about what method is being used (unless you specifically choose POST to avoid information leaks from GET, and/or your program requires a lot of input data, as mentioned in previous posts). One reason for preferring GET, as far as I can see, is the ease of inserting simple links into web pages without requiring forms. - Steve
Current thread:
- Re: When GET = POST?, (continued)
- Re: When GET = POST? David Bullock (Nov 09)
- RE: When GET = POST? Tony Welsh (Nov 09)
- Re: When GET = POST? Adrian Wiesmann (Nov 10)
- Re: When GET = POST? Kevin Spett (Nov 11)
- Re: When GET = POST? Jason Childers (Nov 11)
- Re: When GET = POST? Charles Miller (Nov 11)
- Re: When GET = POST? Jeff Dafoe (Nov 11)
- Re: When GET = POST? Jason Healy (Nov 11)
- Re: When GET = POST? Kevin Spett (Nov 12)
- Re: When GET = POST? Daniel Hedrick (Nov 12)
- Re: When GET = POST? Jeff Dafoe (Nov 11)
- Re: When GET = POST? Steven M. Christey (Nov 11)
- RE: When GET = POST? Glyn Geoghegan (Nov 14)
- RE: When GET = POST? Glyn Geoghegan (Nov 14)