Is it a security issue to include postcode and/or last name in a GET request query string?
I’m currently designing an API endpoint to validate a customer, and they can either pass in their postcode or their last name, as well as their customer ID (plus some other irrelevant data).
I’ve heard that including PII or sensitive data … Continue reading Is it a security issue to include postcode and/or last name in a GET request query string?