Re: [Cppcms-users] query string
From: Joerg S. <jo...@br...> - 2015-09-30 16:44:04
On Wed, Sep 30, 2015 at 06:48:44PM +0300, kpeo wrote:
> At my point security - is not about the data transferred between the client and
> server only.
> Browser can store the url with requested data in history / cache. Or URL can be
> stored in clipboard, etc.
> These data may not contain confidential data, but may contain some personal
> information. So GET increases the risks.

Yes, there are specific cases where a POST is useful for idempotent operations. Most of them disappeared with AJAX.

Secure tips like "POST is more secure than GET" are the reason why we still have so many extremely bad behaving applications:

(1) Using POST because it isn't cached instead of proper cache control.
(2) Using POST because it doesn't make things appear in the (client) history.
(3) Using POST to prevent C&P.

None of this is about security. It is all a form of obscurity at best.

The first criterion for GET vs POST should *always* be: does the request change any state? If the request is issued a second time, does something break? If the answer is no, it should *normally* be a GET. There are a few exceptions:

(1) You want to pass a lot of data. In the past, some servers liked to complain about passing 200 characters by query string.
(2) You have a sensitive query parameter and can't do the query indirectly via AJAX OR can't trust your deployment to have a sane logging configuration.

That's about what I can think of after travelling for 12h.

If you look at it carefully, the second point doesn't really fix the problem in any way. If you want to pass sensitive data around, encrypt it. Not just the transport, but the individual item as well. Remember, no storing of unencrypted credit card data as example. It's quite a good policy to do that as early as possible.

I'm annoyed by such blanket statements, because they almost always lead to bad design decisions upfront by people that don't completely understand the ramifications.

Look at all the web shops still around where you can't just hit the Back button of your browser without getting annoying warnings about having to resubmit form data, even if you are just browsing the catalog.

Joerg
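The "does it change state?" criterion from the message above, as an added example that is not part of this thread or of CppCMS: a hypothetical Python dispatcher whose routes declare whether they mutate server state, so a state-changing route refuses GET (and a safe one refuses POST) instead of relying on method choice for secrecy, while the access log redacts a constructed list of sensitive query keys rather than trusting the deployment's logging defaults.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple
from urllib.parse import parse_qs, urlencode

# Constructed for the demo: query keys a sane logging configuration must never write out.
SENSITIVE_KEYS = {"token", "password", "card"}


@dataclass
class Route:
    handler: Callable[[dict], str]
    mutates: bool  # does a request to this route change server state?


def expected_method(route: Route) -> str:
    # The criterion from the thread: if a second identical request breaks nothing, GET.
    return "POST" if route.mutates else "GET"


def redact_query(query: str) -> str:
    # What the access log should record instead of the raw query string.
    params = parse_qs(query, keep_blank_values=True)
    return urlencode({k: ("REDACTED" if k in SENSITIVE_KEYS else v)
                      for k, v in params.items()}, doseq=True)


def dispatch(routes: Dict[str, Route], method: str, path: str,
             query: str, log: List[str]) -> Tuple[int, str]:
    log.append(f"{method} {path}?{redact_query(query)}")
    route = routes.get(path)
    if route is None:
        return 404, "not found"
    if method != expected_method(route):
        # Wrong method for the route's side effects: refuse rather than silently act.
        return 405, f"use {expected_method(route)}"
    return 200, route.handler(parse_qs(query))


def build_shop() -> Tuple[Dict[str, Route], List[str]]:
    # Hypothetical shop: browsing the catalog is safe, adding to the cart is not.
    cart: List[str] = []
    routes = {
        "/catalog": Route(lambda q: f"results for {q.get('q', [''])[0]}", mutates=False),
        "/cart/add": Route(lambda q: cart.append(q["item"][0]) or f"{len(cart)} item(s)",
                           mutates=True),
    }
    return routes, cart
```

Repeating the catalog GET is harmless, which is exactly why the Back button should never trigger a resubmit warning for it.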