---
title: Do Not Pass Sensitive Data In Query String
impact: HIGH
impactDescription: prevents sensitive data leakage in logs
tags: sensitive-data, query-string, logging, privacy, security, csharp
---

## Do Not Pass Sensitive Data In Query String

Query strings are logged by servers, proxies, and browsers. Never put passwords, tokens, or PII in URL parameters.

**Incorrect (sensitive data in URL):**

```csharp
[HttpGet]
// DANGEROUS: /login?password=secret
public IActionResult Login(string username, string password)
{
    // ...
}

var url = $"https://api.example.com/reset?token={resetToken}";
```

**Correct (POST body or Headers):**

```csharp
using System.Net.Http;
using System.Net.Http.Headers;

[HttpPost]
public IActionResult Login([FromBody] LoginModel model)
{
    // Password travels in the request body, not the URL, so it stays out of access logs
    // ...
}

// Pass tokens in the Authorization header instead of a query parameter
var client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
```
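As a defence-in-depth check for the rule above, here is an added example (not part of the original rule text or any project's code) of an ASP.NET Core middleware that rejects requests carrying known sensitive parameter names in the query string, plus a helper that redacts those values before a URL is written to a log. The list of parameter names is an assumption for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.WebUtilities;

public static class SensitiveQueryGuard
{
    // Assumed list for illustration; extend it to match your own parameter names.
    private static readonly HashSet<string> SensitiveKeys =
        new(StringComparer.OrdinalIgnoreCase) { "password", "token", "access_token", "api_key", "ssn" };

    // True if any query parameter name is on the sensitive list.
    public static bool HasSensitiveKey(IQueryCollection query) =>
        query.Keys.Any(SensitiveKeys.Contains);

    // Replaces sensitive values in a URL's query string so the URL is safe to log.
    public static string Redact(string url)
    {
        var uri = new Uri(url);
        var parsed = QueryHelpers.ParseQuery(uri.Query);
        var redacted = parsed.ToDictionary(
            kv => kv.Key,
            kv => SensitiveKeys.Contains(kv.Key) ? "[REDACTED]" : kv.Value.ToString(),
            StringComparer.OrdinalIgnoreCase);
        return QueryHelpers.AddQueryString(uri.GetLeftPart(UriPartial.Path), redacted);
    }
}

public static class SensitiveQueryGuardExtensions
{
    // Register early in the pipeline (before request logging) so a request with a
    // secret in its query string never reaches a controller or an access log.
    public static IApplicationBuilder UseSensitiveQueryGuard(this IApplicationBuilder app) =>
        app.Use(async (context, next) =>
        {
            if (SensitiveQueryGuard.HasSensitiveKey(context.Request.Query))
            {
                context.Response.StatusCode = StatusCodes.Status400BadRequest;
                await context.Response.WriteAsync("Sensitive data must not be sent in the query string.");
                return;
            }
            await next();
        });
}
```

With this in place, `SensitiveQueryGuard.Redact("https://api.example.com/reset?user=bob&token=abc")` yields `https://api.example.com/reset?user=bob&token=%5BREDACTED%5D`, and a `GET /login?password=secret` is answered with 400 before any handler runs.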

**Tools:** Roslyn Analyzers, SonarQube
