Avoinding exposure of sensitive data passed in arguments of the URL

Avoinding exposure of sensitive data passed in arguments of the URL

  
Hi,

What is the best way to protect our application, avoiding the exposure of sensitive data in the URL?
Using POSTs instead of GETs or using Session variables?

Can someone give me a good explanation? :)
Thanks

Hi Miguel,

What are the scenarios you're thinking of? Typically, you'd pass an Id as input parameter to a details screen, and query the database based on that Id in the Preperation. With REST services, you can put parameters in the Header or the Body instead of the URL if they contain sensitive information.