On Sat, Oct 26, 2019 at 3:49 PM <to...@tuxteam.de> wrote: > On Thu, Oct 24, 2019 at 09:39:04PM -0400, Mike Gerwitz wrote: > > thanks for your good overview... a question > > > Passing session tokens via GET requests is a bad idea, because that > > leaks the token. > > Even in https? >
I guess he mean query-string with GET. > > Cheers > -- t >
