GATE | Gate IT 2005 | Question 29
A HTML form is to be designed to enable purchase of office stationery. Required items are to be selected (checked). Credit card details are to be entered and then the submit button is to be pressed. Which one of the following options would be appropriate for sending the data to the server. Assume that security is handled in a way that is transparent to the form design.
(A) Only GET
(B) Only POST
(C) Either of GET or POST
(D) Neither GET nor POST
GET is NOT SECURE, whatever data you transfer is goes as part of URI and that’s why it’s visible to whole world, you can not send any confidential data using this method.
POST sends data as part of HTTP request body, which can be encrypted using SSL and TLS. This is the reason all confidential data from client to server transffered using POST method e.g. username and password when you login to internet banking, or any online portal.