For more information about the security of POST data, see

Is the security of POST data generally POST data secure and vulnerable to packet capture? Is it possible to simulate POST as long as someone can capture the POST data? It is useless to encrypt POST data unless we can identify who the POST is? So how to identify it .. In general, what are the interconnection methods between the two sides, and how to make it safer .. Hope our predecessors can give us some guidance on the security of POST data.

Is POST data generally secure and vulnerable to packet capture?

Is it possible to simulate POST as long as someone can capture the POST data?

It is useless to encrypt POST data unless we can identify who the POST is? So how to identify it ..

In general, what are the interconnection methods between the two sides, and how to make it safer ..

Hope our elders can guide you...



------ Solution --------------------
Post is a little bit safer than get, which can be ignored because there is almost no difference between post and get in the East program, if you don't understand the program, you can see that get does not reach the attack technology. you can determine where the request comes from.
------ Solution --------------------
There is a saying:
Never trust external data.

So you just need to summarize the above questions.
Packet capture is a simple task. you don't even need to capture packets for post, unless your data is post to yourself.

However, there are also many solutions, such as encryption, or passing a token to verify the token and filtering the post data.
------ Solution --------------------
HTTP has no security. In other words, the Internet has no security.


------ Solution --------------------
Data is insecure. post data can be assigned with a one-time encoding, which is slightly more secure,
The important thing is the role.

Which role is the data you post? What can this role do? What can I do? You just need to fix it.