Home > Archive > Java Help > October 2005 > How to hide information from address line of JSP?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
How to hide information from address line of JSP?
|
|
| Daniel 2005-10-28, 7:02 pm |
| I have a login page (JSP) that uses a form to pass username and
password.
The recipient (another JSP) of the post parse the parameters, do some
processing, and present the results. The problem is that the username
and
password are shown in the address line of browser on the recipient
page.
How can I prevent the username/password from showing in address line of
browser
? Thanks for help.
| |
| Frances 2005-10-28, 7:02 pm |
| Daniel wrote:
> I have a login page (JSP) that uses a form to pass username and
> password.
> The recipient (another JSP) of the post parse the parameters, do some
> processing, and present the results. The problem is that the username
> and
> password are shown in the address line of browser on the recipient
> page.
>
> How can I prevent the username/password from showing in address line of
> browser
> ? Thanks for help.
>
unless I'm missing or forgetting something, obvious solution would be to
use method post to submit form instead of method get...
<form method=post> instead of <form method=get>
HTH..
Frances
| |
| Daniel 2005-10-29, 3:59 am |
| Thanks! Change the "get" method to "post" will solve the problem.
Daniel wrote:
> I have a login page (JSP) that uses a form to pass username and
> password.
> The recipient (another JSP) of the post parse the parameters, do some
> processing, and present the results. The problem is that the username
> and
> password are shown in the address line of browser on the recipient
> page.
>
> How can I prevent the username/password from showing in address line of
> browser
> ? Thanks for help.
| |
| Chris Smith 2005-10-29, 3:59 am |
| Daniel <Scientific.Visualization@gmail.com> wrote:
> Thanks! Change the "get" method to "post" will solve the problem.
>
To be more philosophical: the HTTP GET method is intended for situations
in which the form contents determine the identity of the data delivered
on the following page. It is, therefore, only correct to use when the
form serves the sole purpose of selecting data for display. Any time
that a form has a side-effect, or isn't solely intended to retrieve
data, POST is the better method.
Any time you are asking for form login, which is about identity and
security rather than selecting information, it's definitely time to
avoid the GET method.
--
www.designacourse.com
The Easiest Way To Train Anyone... Anywhere.
Chris Smith - Lead Software Developer/Technical Trainer
MindIQ Corporation
| |
| Roedy Green 2005-10-31, 3:57 am |
| On Fri, 28 Oct 2005 23:31:42 -0600, Chris Smith <cdsmith@twu.net>
wrote, quoted or indirectly quoted someone who said :
> It is, therefore, only correct to use when the
>form serves the sole purpose of selecting data for display.
the 50 cent term for this idempotent. You would get the same answer
if you ran the query immediately again before the database had a
chance to change, and there would be no untoward side effect of doing
so, e.g. updating your bank balance twice.
--
Canadian Mind Products, Roedy Green.
http://mindprod.com Java custom programming, consulting and coaching.
|
|
|
|
|