Form 'method' for res.clearCookie(), does it matter?

Question

In the clearing cookie challenge with the Express Basics course, the instructor sets the method to 'post' for the form (that contains the button) that triggers the clearCookie method. I did that same exact thing, but also checked it with a 'get' method and got the same results. I'm wondering, since we aren't sending any info to the server, does it even matter which method (get or post) we use? Is one better than the other in this instance?

Answer 1 · 2017-07-01T04:47:14Z

July 1, 2017 4:47am

I believe at this time, given our code it does not matter. Because they both work as desired. I think it's more of a convention.

GET requests send the information in the url. And so the information is exposed.
POST requests are sent privately in the page headers. So in a real environment where you may be collecting sensitive user data on log-out you'd wont to use POST.

Answer 2 · 2017-09-28T23:02:45Z

September 28, 2017 11:02pm

I was wondering a similar thing; whether you can use an html link instead with an href that points to a route defined with the same functionality.

Is there a reason this would not work or would not be recommended in production?

index.pug

extends layout.pug

block content
  section#content
    if username
      h4 Hello, #{ username }!
      form(action='/logout', method='post')
        button(type='submit') Logout

server.js

app.post('/logout', (req, res) => {
  res.clearCookie('username')
  res.redirect('/')
})

Welcome to the Treehouse Community

Looking to learn something new?

Darrell Osborne

Darrell Osborne

Form 'method' for res.clearCookie(), does it matter?

2 Answers

Sam Donald

Sam Donald

Darrell Osborne

Darrell Osborne

Tom Geraghty

Tom Geraghty