Thanks for taking the time to set me straight! I swear the other day I found a few web sites saying POST was more secure than GET... But today I found the w3c page that talks about choosing between GET/POST and no mention of one being more secure (if used over SSL).
http://www.w3.org/2001/tag/doc/whenToUseGet.html Now I'm all torn up. I'm happy I don't have to do the extra work and I'm sad I don't need to hack jqModal. Alas, there are plenty more things for me to get my inner-geek excited about. Brian. On 5/1/07, Juha Suni <[EMAIL PROTECTED]> wrote:
Just a note here, https (ssl) also protects GET parameters in the URI. POST is not required for that, although is often preferred especially when there is more data. AFAIK the SSL layer kicks in before the request headers are sent (which include the params). This is the reason why you generally can have only one SSL-host per IP (on port 80 anyway). The server needs to send the certificate before it gets the information on what particular domain / path was accessed, and it has no idea on what certificate to send if there are several. This can lead to undesirable results. -- Suni ----- Original Message ----- *From:* Brian Cherne <[EMAIL PROTECTED]> *To:* jquery-en@googlegroups.com *Sent:* Monday, April 30, 2007 8:56 PM *Subject:* [jQuery] jqModal via POST ? Has anyone implemented jqModal (or something like it) via the POST method? I really enjoy how simple jqModal is for calling modal dialogs and I want to use it on a secure web page. In order to get the right information from the server I'll need to send in params... ideally params that are protected via HTTPS wrapper (and not sent via plain-text GET URI). Brian.
