Re: curl security
Date: Thu, 8 Jun 2006 15:49:46 -0700
On Thu, Jun 08, 2006 at 10:23:02PM +0000, Joel Keeble wrote:
> when using curl is there any security problem with get compared with post?
> because a browser is not used.
> when a browser is used get will append the submitted info to the end of the
> url - my theory is no browser no security issue with get. is this correct?
You have to be more clear on what you're asking. If you're talking about
security vulnerabilities in curl due to things like buffer overflows, then
theoretically there could be different issues in the GET code path vs. the
POST code path but one is not inherently safer than the other. If you're
talking about things information leakage in logs, then GET would be safer
because the parameters are more likely to be logged than POST parameters.
There are probably a dozen other ways to interpret your question.
-- http://www.MoveAnnouncer.com The web change of address service Let webmasters know that your web site has movedReceived on 2006-06-09