HTTP POST GET Essential differences

The difference of expression form

Figuring out the difference between the two principles, let's look at the difference in their actual application:

To understand the difference between the two in the transmission process, let's look at the format of the HTTP protocol:

HTTP request:

<request line>


<blank line>

<request-body>]

In an HTTP request, the first line must be a request line, which describes the type of request, the resources to be accessed, and the HTTP version used. This is followed by a header section that describes the additional information that the server will use. After the header is a blank line, then you can add any additional data [called the body].

Examples of Get and post methods:
Get/books/?sex=man&name=professional http/1.1
Host:www.wrox.com
user-agent:mozilla/5.0 (Windows; U Windows NT 5.1; En-us; rv:1.7.6)
gecko/20050225 firefox/1.0.1
Connection:keep-alive

post/http/1.1
Host:www.wrox.com
user-agent:mozilla/5.0 (Windows; U Windows NT 5.1; En-us; rv:1.7.6)
gecko/20050225 firefox/1.0.1
content-type:application/x-www-form-urlencoded
Content-length:40
Connection:keep-alive
(----empty line here----)
Name=professional%20ajax&publisher=wiley



With the above understanding and examples of HTTP requests, let's look at the differences between the two ways to commit:

(1) Get commit, the requested data will be appended to the URL (that is, the data placed in the HTTP protocol header), in order to split the URL and transfer data, multiple parameters with & connection; for example: login.action?name=hyddd&password= Idontknow&verify=%e4%bd%a0%E5%A5%BD. If the data is an English letter/number, sent as is, if it is a space, converted to +, if it is Chinese/other characters, the string is directly encrypted with BASE64, such as:%E4%BD%A0%E5%A5%BD, where the xx in%xx is the symbol in 16 binary notation ASCII.

Post submission: Place the submitted data in the package of the HTTP packet. In the example above, the red font indicates the actual transfer data

As a result, the data submitted by get is displayed in the Address bar, while the post is submitted, the address bar does not change

(2) The size of the transmitted data: first of all: the HTTP protocol does not limit the size of the transmitted data, and the HTTP protocol specification does not limit the length of the URL.

The main limitations in the actual development are:

GET: Specific browsers and servers have restrictions on URL length, such as IE's limit on URL length is 2083 bytes (2k+35). For other browsers, such as Netscape, Firefox, etc., there is theoretically no length limit, and its limitations depend on the support of the operating system.

Therefore, for a get commit, the transmitted data is limited by the URL length.

POST: The theoretical data is not limited because it is not transmitted via a URL. However, the actual Web server will be required to limit the size of the post submission data, Apache, IIS6 have their own configuration.

(3) Security:

. The security of post is higher than the security of get. Note: The security described here is not the same concept as the "security" mentioned in get above. The meaning of "security" above is simply not to make data changes, and the meaning of security here is the meaning of true security, such as: submit data through get, user name and password will appear in plaintext on the URL, because (1) the login page may be cached by the browser, (2) Other people to view the browser's history, Then others can get your account number and password, in addition, using get to submit data may also cause Cross-site request forgery attack

(4) The HTTP GET,POST,SOAP protocol is run on HTTP
1) Get: The request parameter is appended to the URL as a sequence of key/value pairs (query string)
The length of the query string is limited by the Web browser and Web server (ie supports up to 2048 characters) and is not suitable for transporting large datasets at the same time, it is unsafe
2) Post: The request parameter is transmitted in a different part of the HTTP header (named entity body), which is used to transfer the form information, so the Content-type must be set to: application/ X-www-form-urlencoded. The post is designed to support user fields on Web Forms, and its parameters are also transmitted as key/value.
However: it does not support complex data types, because post does not define the semantics and rules for transferring data structures.
3) Soap: is a dedicated version of HTTP POST, followed by a special XML message format
Content-type is set to: Text/xml Any data can be XML

Three HTTP Responses
1. HTTP response Format:


<status line>
<blank line>
[<response-body>]

The only real difference in response is that the first line uses state information instead of the request information. Status line describes the requested resource situation by providing a status code.

HTTP Response instance:

http/1.1 OK
Date:sat, Dec 2005 23:59:59 GMT
Content-type:text/html;charset=iso-8859-1
content-length:122
<title> Wrox Homepage </title>
<body>
!--body goes here-->
</body>
2. The most commonly used status codes are:

(OK): The resource was found and everything is OK.
304 (not MODIFIED): The resource has not been modified since the last request. This is commonly used for browser caching mechanisms.
401 (Unauthorized): The client does not have permission to access the resource. This usually causes the browser to require the user to enter a user name and password to log on to the server.
403 (FORBIDDEN): Client failed to get authorization. This is usually followed by an incorrect user name or password that was entered after 401.
404 (Not FOUND): The requested resource does not exist at the specified location.

Four Complete examples:

Example:


HTTP GET

Send

Get/demowebservices2.8/service.asmx/cancelorder? Userid=string&pwd=string&orderconfirmation=string http/1.1
Host:api.efxnow.com

Reply

http/1.1 OK
Content-type:text/xml; Charset=utf-8
Content-length:length

<?xml version= "1.0" encoding= "Utf-8"?>
<objplaceorderresponse xmlns= "https://api.efxnow.com/webservices2.3" >
<Success>boolean</Success>
<ErrorDescription>string</ErrorDescription>
<ErrorNumber>int</ErrorNumber>
<CustomerOrderReference>long</CustomerOrderReference>
<OrderConfirmation>string</OrderConfirmation>
<CustomerDealRef>string</CustomerDealRef>
</objPlaceOrderResponse>



HTTP POST

Send

Post/demowebservices2.8/service.asmx/cancelorder http/1.1
Host:api.efxnow.com
content-type:application/x-www-form-urlencoded
Content-length:length

Userid=string&pwd=string&orderconfirmation=string

Reply

http/1.1 OK
Content-type:text/xml; Charset=utf-8
Content-length:length

<?xml version= "1.0" encoding= "Utf-8"?>
<objplaceorderresponse xmlns= "https://api.efxnow.com/webservices2.3" >
<Success>boolean</Success>
<ErrorDescription>string</ErrorDescription>
<ErrorNumber>int</ErrorNumber>
<CustomerOrderReference>long</CustomerOrderReference>
<OrderConfirmation>string</OrderConfirmation>
<CustomerDealRef>string</CustomerDealRef>
</objPlaceOrderResponse>



SOAP 1.2

Send

Post/demowebservices2.8/service.asmx http/1.1
Host:api.efxnow.com
Content-type:application/soap+xml; Charset=utf-8
Content-length:length

<?xml version= "1.0" encoding= "Utf-8"?>
<soap12:envelope xmlns:xsi= "http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd= "http://www.w3.org/2001/ XmlSchema "xmlns:soap12=" Http://www.w3.org/2003/05/soap-envelope ">
<soap12:Body>
<cancelorder xmlns= "https://api.efxnow.com/webservices2.3" >
<UserID>string</UserID>
<PWD>string</PWD>
<OrderConfirmation>string</OrderConfirmation>
</CancelOrder>
</soap12:Body>
</soap12:Envelope>

Reply

http/1.1 OK
Content-type:application/soap+xml; Charset=utf-8
Content-length:length

<?xml version= "1.0" encoding= "Utf-8"?>
<soap12:envelope xmlns:xsi= "http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd= "http://www.w3.org/2001/ XmlSchema "xmlns:soap12=" Http://www.w3.org/2003/05/soap-envelope ">
<soap12:Body>
<cancelorderresponse xmlns= "https://api.efxnow.com/webservices2.3" >
<CancelOrderResult>
<Success>boolean</Success>
<ErrorDescription>string</ErrorDescription>
<ErrorNumber>int</ErrorNumber>
<CustomerOrderReference>long</CustomerOrderReference>
<OrderConfirmation>string</OrderConfirmation>
<CustomerDealRef>string</CustomerDealRef>
</CancelOrderResult>
</CancelOrderResponse>
</soap12:Body>
</soap12:Envelope>

HTTP POST GET Essential differences