At 06:06 AM 6/25/02 -0500, David T-G wrote: >If the variables are in the page to be in the form to be >sent back via POST, then the user can find them, period. > >Try it yourself: set up something via POST and then surf to the page >and then "view source" or the equivalent in your browser (and if there >isn't an equivalent then find a browser, even if just for a moment, >that DOES have it) and look and see your data hanging right out there >for all to see.
David, Sorry but I don't get what you mean here. When I have a page call a program with info from a form being posted then the program picks up the data and then creates whatever output web page is appropriate. The posted data comes in via STDIN so unlike a GET where the data is actually part of the URL, in a POST it isn't viewable from the browser. If I'm all wrong about this please give a specific example... and sorry if I'm being thick. Also I'm not claiming that POST is safe as is, that's what SSL is for to encrypt the data between the server and client and vice versa. Only I don't get the exposure you're talking about. Didn't realize that STDIN was part of the browser's viewable source code. Marty -- SIMPL WebSite Creation: http://face2interface.com/Home/Demo.shtml -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
