|
|
|
|
|
|
by dudus
3647 days ago
|
|
|
The point is that GET parameters are more likely to be stored in server logs or other application logs where POST body is usually discarded from such logs. So someone getting access to the logs will have access to a lot of possibly sensitive data, that's all depending on server and application settings, but by default GET are more likely to leave traces than POST. It's a subtle but valid concern. |
|
|