Is using http Post instead of http Get to send authntication token is considered more secure

Question

I have the following metohd inside my asp.net mvc web application, which calls an external API, bypassing an authentication token inside the authntication header :-

try
           {

               string currentURL = System.Web.Configuration.WebConfigurationManager.AppSettings["scanningURL"];
               string token = System.Web.Configuration.WebConfigurationManager.AppSettings["TMSToken"];
               using (WebClient wc = new WebClient())
               {
                   string url = currentURL + "home/scanserver?FQDN=allscan" ;
                   wc.Headers.Add("Authorization", 
  token);
                   var json = await  wc.DownloadStringTaskAsync(url);
                   TempData["messagePartial"] = string.Format("Scan has been completed. Scan reported generated");

               }




           }

now is this considered more secure if i send Post request instead of Get request as i am currently doing, or they have the same security level ?

second question which is about semantic . now this request is for Network Scanning , where the Network Scanning will modify the DB with the scanning result. so should I in all cases use Post request instead of Get,, since the request will modify the database , or in other words will call another action method that will modify the DB ? Thanks

score 0 · Answer 1 · edited May 23 '17 at 11:52

0

Try Wireshark software, here you can tap your get or post request, you will then see post or get both are exposing similar amount of data to network.

follow this blog for more get or post use cases Is either GET or POST more secure than the other?

edited May 23 '17 at 11:52

Community

1
1

answered Sep 10 '15 at 17:55

JustTry

171
1
8

Is using http Post instead of http Get to send authntication token is considered more secure

1 Answers1