How to submit a form without having the values shown in the URL?

I've been trying to figure this out for a while, but haven't come across any answers that have been useful for my particular case.

I have开发者_Python百科 a very basic HTML page that serves as a front end for a webapp I've made. There are two forms on said page - one to register for an account, and one to log in with an existing account. The idea is that if you register or log in, you'll be served the actual webapp.

Currently, I have this working, but the form contents get displayed in the URL on submission. This is both not that good looking (since the webapp URL becomes url.com/?username=user&password=pass instead of just url.com), and also insecure, since any onlooker would be able to clearly see what the username/password is.

I've tried using jquery forms to submit this using ajax instead, and I am successfully able to see and process this request on my server, but upon returning a new HTML page to the client, the browser no longer loads this new page. I understand that jquery/ajax was made (at least in part) to enable interactive features in a webpage without having to refresh the entire thing, but is there any way to use it to achieve such a thing?

alternatively, does anybody have any other ideas on how I can achieve my goal?

Also, just to make sure - if I wanted to submit this over SSL (which I do eventually), I would just need to alter the URL that this form is being submitted to to include an https instead of an http, correct?

Best, and thanks,

Sami

use the POST method instead of GET, when you use GET the form values are visible in the query string

When should I use GET or POST method? What's the difference between them?

use post insted of get to submit your form

<fom action="post">

Use POST for destructive actions such as creation (I'm aware of the irony), editing, and deletion, because you can't hit a POST action in the address bar of your browser. Use GET when it's safe to allow a person to call an action. So a URL like:

http://myblog.org/admin/posts/delete/357

Should bring you to a confirmation page, rather than simply deleting the item. It's far easier to avoid accidents this way.

POST is also more secure than GET, because you aren't sticking information into a URL. And so using GET as the method for an HTML form that collects a password or other sensitive information is not the best idea.

One final note: POST can transmit a larger amount of information than GET. I don't remember the exact constraints of each, but the advantage is significant.

in your form action use the POST method instead of GET

When do you use POST and when do you use GET?

In general, use POST for any request that has a side effect, such as updating a database or changing from logged-out to logged-in. Use GET when all you want is to retrieve a page.

Because of the way POST is implemented, none of the arguments will appear in the URL.