HTML Ways of protecting personal informations send by POST method

Question

we all know that we can use GET or POST method to send the form into our .php file , POST is the one which is more safe , but if we want to be absolutely sure that nobody can "catch" our data for example : passwords... is there any additional way of protecting our data during the way of moving from form to php file than just using POST method ? Thanks!

Answer 1

Things to consider when sending HTTP requests :

1. ALWAYS use POST requests for sending sensitive data. It is not secure in any way, but at least it doesn't put your data in the URL (as GET requests do).

2. It is highly recommended to ALWAYS use HTTPS for your POST requests, which adds encryption and is considered a lot more secure (the S in HTTPS stands for "secure").

3. If you control both the client and the server, you can add your own encryption to your fields before you send your POST request and decrypt your fields after you receive them.

---

Note :

It is no perfect solution (that doesn't exist), but always using POST requests and combining HTTPS with your own encryption would at least make it pretty difficult for hackers to figure out what's in your data.

How much more difficult it would be, depends on the quality of your own encryption and the skills of the hacker involved, but your average hacker would probably be unable to read your data if you combine all three options, even if your own encryption sucks.

Answer 2

POST is the one which is more safe

=> if you have proxy you can see any data you post. you can use this tool https://www.charlesproxy.com/

if we want to be absolutely sure that nobody can "catch" our data 

=> You can use https