I was trying to send a POST using HTML and it works fine.
The only concern I have is it shows the data before submission.
And I don’t want our user to see data showing on their browser, even if it’s only one second.
What do you think I should do to avoid this?
<form name="form1" id="form1" action="{{ $endpoint }}" method="post">
<input type="hidden" name="data" value="{{ $data }}">
</form>
<script>
document.getElementById('form1').submit();
</script>
I add a type="hidden", but it doesn’t help.
2
Answers
You can add the data to the session instead of sending a form:
Then use
This would require you to rename the file to .php extension, however your application will work server-side and users will not be able to see the data you are transfering.
Appends form-data into the URL in name/value pairs
The length of a URL is limited (about 3000 characters)
Never use GET to send sensitive data! (will be visible in the URL)
Useful for form submissions where a user wants to bookmark the result
GET is better for non-secure data, like query strings in Google
Notes on POST:
Appends form-data inside the body of the HTTP request (data is not shown in URL)
Has no size limitations
Form submissions with POST cannot be bookmarked