Using GET vs using POST

Some sample form, to generate a get request:

   Please enter your name to register

   First name: Last name:

Now the same with POST instead of GET:

   Please enter your name to register

   First name: Last name:

Try out the buttons above, and look at the generated web traffic in the OWASP ZAP proxy.
You should see GET and POST requests to www.w3schools.com. Here you should see that for the GET requests the two parameters, firstname and lastname end up in the URL, whereas with the POST request they do not, but are in the body.

Using GET and POST with a hidden field

Now a GET with a hidden field for the first name. This could for instance be a webpage tailored for user who already supplied their first name:

   Hello John, please also enter your last name to register:

   Last name:

Now the same, but with a POST field:

   Hello John, please also enter your last name to register:

   Last name:

Look at the HTTP trafic to see which paramters is send at the first name, and look at the HTML source of this webpage to see where the hidden parameter comes from.

Including images in a web page

This webpage also include a picture, namely the Radboud logo at the bottom of this page. Look at the HTML source of this webpage to see how this picture is included in the webpage. Is this image loaded with a GET request or a POST request? Look at the HTTP traffic in ZAP to figure that out.