First, the principle of difference
In general, we enter a URL in the browser to access the site is a GET request, and then form form, you can specify by setting the method is a get or post submission method, the default is get Submit method.
HTTP defines different ways to interact with the server, the most basic of which is four: Get,post,put,delete,head, where get and head are called security methods because HTTP requests using GET and head do not produce any action. Not generating an action means that the get and head HTTP requests do not produce any results on the server. But security is not an action, and the security method here simply means that the information is not modified.
According to the HTTP specification, post may modify requests for resources on the server. For example, CSDN's blog, a user submits an article or a reader submits a comment is done through a POST request, because the submission of the article or comments after the submission of resources (that is, a page) is different, or that the resources have been modified, these are "unsafe methods."
Ii. the difference of manifestation form
After figuring out the difference between the two principles, let's look at the differences in the actual application.
First, let's look at the format of the HTTP request:
[Plain]View Plaincopyprint?
- <method> <request-URL> <version>
-
- <entity-body>
<method> <request-URL> <version>
In an HTTP request, the singular line must be a request line, including the request method, the request URL, and the HTTP version information used for the message. It is followed by a herders section, which can have 0 or a header that describes the additional information that the server will use. After the first is a blank line, and finally the body of the message entity, including a data block of arbitrary data. But not all messages contain the body part of the entity.
Get Request instance:
[Plain]View Plaincopyprint?
- GET http://weibo.com/signup/signup.php?inviteCode=2388493434
- Host:weibo.com
- accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
GET http://weibo.com/signup/signup.php?inviteCode=2388493434Host:weibo.comAccept:text/html,application/xhtml+ xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Post Request instance:
[Plain]View Plaincopyprint?
- post/inventory-check.cgi http/1.1
- Host:www.joes-hardware.com
- Content-type:text/plain
- Content-length:18
- Item=bandsaw 2647
post/inventory-check.cgi Http/1.1host:www.joes-hardware.comcontent-type:text/plaincontent-length:18item=bandsaw 2647
Let's take a look at the differences between the two request types:
1, GET request, the requested data is appended to the URL, to split the URL and transfer data, multiple parameters with & connection. The encoding format of the URL is encoded in ASCII rather than Uniclde, meaning that all non-ASCII characters are encoded before being transmitted.
POST request: The POST request places the requested data in the package body of the HTTP request packet. The item=bandsaw above is the actual transfer data.
Therefore, the data for the GET request is exposed in the address bar, and the POST request does not.
2, the size of the transmitted data
In the HTTP specification, there is no limit to the length of the URL and the size of the data being transmitted. However, in the actual development process, for get, the specific browser and server to the length of the URL is limited. Therefore, when you use a GET request, the transfer data is limited by the URL length.
In the case of post, it is theoretically not restricted because it is not a URL, but in fact each server specifies that the size of the post submission data is limited, and that Apache and IIS have their own configuration.
3. Security
The security of post is higher than get. The security here refers to real security, and unlike the security methods mentioned above, the security mentioned above is simply not modifying the server's data. For example, in the login operation, through the GET request, the user name and password will be exposed to the URL, because the login page is likely to be cached by the browser and other people to view the history of the browser, the user name and password is easy to get someone else. In addition, data submitted by get requests may also cause Cross-site request Frogery attacks
4. The GET,POST,SOAP protocol in HTTP is all running on HTTP
Third, HTTP response
Format of HTTP response messages
[Plain]View Plaincopyprint?
- <version> <status> <reason-phrase>
-
- <entity-body>
<version> <status> <reason-phrase>
Status code that describes what happened during the request
Reson-phrase is a readable version of the digital status code
Common status codes and meanings are as follows:
The server successfully processed the request
301/302 Moved Permanently (redirected) the URL of the request has been moved. The response message should contain a location URL indicating where the resource is now located
304 not Modified (unmodified) client's cache resource is up-to-date for clients to use cached content
404 Not Found resource not found
501 The Internal server error server encountered an error that prevented it from serving the request
HTTP Response Example
http/1.1 OK
[Plain]View Plaincopyprint?
- Content-type:text/plain
- Content-length:12
- Hello world!
Content-type:text/plaincontent-length:12hello world!
[Plain]View Plaincopyprint?
- <pre class= "plain" name= "code" snippet_file_name= "blog_20140418_2_9713022" code_snippet_id= "300067" ><pre Snippet_file_name= "blog_20140418_2_9713022" code_snippet_id= "300067" ></pre>
- <pre></pre>
- <pre></pre>
- <pre></pre>
- <pre></pre>
- <pre></pre>
- <pre></pre>
- <pre></pre>
- <div style= "padding-top:20px;" >
- <p style= "FONT-SIZE:12PX;" > Copyright: This article is for bloggers original articles, not allowed to be reproduced without the permission of Bo master. </p>
- </div>
- </pre>
The difference between post and get in an HTTP request