WebApp Sec: RE: IIS log - GETs vs. POSTs

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

RE: IIS log - GETs vs. POSTs

From: "Calderon, Juan C (EM, DDEMESIS)" <Juan.Calderon () ge com>
Date: Mon, 1 Sep 2003 10:23:11 -0400

As far as I know.

Other implication of sending information trough HTTP GET is that SSL do
not encrypt (protect) it, only the bytes flow (POST data) as encrypted.
so sending information though URL using SSL is useless.

Correct me if i'm wrong.

cheers :)

Attachment: smime.p7s
Description:

By Date By Thread

Current thread:

Fw: IIS log - GETs vs. POSTs Matt Fisher (Aug 30)
- Re: IIS log - GETs vs. POSTs Jeremy Poteet (Aug 30)
  - Re: IIS log - GETs vs. POSTs RSnake (Aug 30)
    - Re: IIS log - GETs vs. POSTs Lucas Holt (Aug 30)
    - Re: IIS log - GETs vs. POSTs RSnake (Aug 31)
- <Possible follow-ups>
- RE: IIS log - GETs vs. POSTs Calderon, Juan C (EM, DDEMESIS) (Sep 01)
  - RE: IIS log - GETs vs. POSTs RSnake (Sep 01)
    - RE: IIS log - GETs vs. POSTs Guille -bisho- (Sep 01)
    - RE: IIS log - GETs vs. POSTs RSnake (Sep 01)
- RE: IIS log - GETs vs. POSTs Brown, James F. (Sep 17)