Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trialTimothy Bramlett
6,609 PointsAre passwords and usernames sent via HTTP POST and GET?
I was just wondering, before https, were passwords sent via POST and GET through HTTP?
2 Answers
Unsubscribed User
501 PointsIf you build an application which runs in a browser you have no other canche then send the password in a POST request. Becouse of security reasons it's better if you make the connection secure between the client and the server side. Avoid storing the password in local storage. Use json webtoken instead.
Unsubscribed User
501 PointsThe best if you are on HTTPS already when the user credentials sent to the server.
Abhishek Bhardwaj
3,316 Pointsthrought post you can send username and password both but in case of GET the main limitation is that it show your data something like this : https://website.com/signin.php?username=xyz&password=abc123 and in POST it will be : https://website.com/signin.php
Abhishek Bhardwaj
3,316 PointsAbhishek Bhardwaj
3,316 Pointsyes , through http you can send the Username but password is risky in some way.