Difference between post and get request methods in HTTP

PrefaceWeb development is bound to involve browser and server interaction, so it is particularly important to understand how browsers and servers interact. Get and post have been contacted from the beginning of contact B/s, but the knowledge of them is really not deep. In the subsequent continuous project process, the continuous contact with them found that the previous understanding is really too shallow. This blog explores the difference between get and post.

HTTP protocolWhen you say get and post, you have to mention the HTTP protocol, because the browser and server interaction is performed through the HTTP protocol, while get and post are also two methods in the HTTP protocol.

HTTP is all called Hyper Text Transfer Protocol, the Chinese translation is Hypertext Transfer Protocol, the purpose is to ensure the communication between the browser and the server. HTTP works as a request-answer protocol between the client and the server.






The HTTP protocol defines the different ways in which browsers and servers interact, and there are 4 basic methods, namely get,post,put,delete. These four methods can be understood as, the server resources of the search, change, increase, delete.

Get: Fetch the data from the server, that is, the so-called search, just get the server resources, do not modify.

POST: Data is submitted to the server, which involves updating the data, which is to change the server's data.

Put:put's English meaning is to place, that is to add new data to the server, is called the increase.

Delete: As you can see from the literal sense, this is the process of deleting server data.

Get interaction1. The Get interaction method is to obtain data from the server rather than modify the data, so the getting interaction is safe. Just like a database query, querying data from a database does not affect the data information of the database, which is safe for the database.






2, get interaction is a power, power is a mathematical concept, idempotent functions can be repeated with the same parameters, and can obtain the same result of the function. In the get interaction here is, the result is the same for multiple requests to the same URL. Just like a database query, different database connections use the same criteria query for the same database table, and the results are the same.




Post Interaction1, post interaction is a way to modify the server data, involving the modification of information, there will be security issues. Just like the database update, update a database table, if the conditions are not written right, you may not need to modify the data to modify, the data is wrong.

2, the general post interaction is required to use the form, but the default method of form submission is get, if changed to post, you need to modify the form submission method.

the difference between the twoGet Way:

1. The Get method is to obtain the information of the resource specified by the request URL in an entity manner, if the request URL is only a data generation process, then the final return in response entity is the resource pointed to by the result of the processing process, not the description of the process. In other words, the information that get to is the resource, not the resource processing process.

2, please request the data will be appended to the URL after the. Separate URLs and transmit data, multiple parameters with & connections. The URL encoding format takes the form of ASCII encoding, not Unicode, in which all non-ASCII characters are encoded and then transmitted.

3, because the length of the URL limit, get way to transmit data size limit, the amount of data transmitted not more than 2KB.

4, Get way server end with Request.QueryString to obtain the value of the variable.

5, get-mode transport parameters are low security, because the transferred data will be displayed in the requested URL.

Post method:

1. Used to send a request to the destination server requesting it to receive the entity appended to the request and to use it as an additional subkey for the resource specified by the request URL in the request queue.

2. Post way the fields and content in the form are placed in the HTML header together to the URL address specified by the action attribute, and the user cannot see the process.

3, Post mode of data transmission is relatively large, the general is implied that there is no limit, but according to the configuration of IIS, the amount of transmission is different.

4, Post mode in the server side with Request.Form to obtain the submitted data.

5, post mode of transmission of data security is high, because the data transmission is not clearly displayed.

SummaryThe security of post and get methods is relative, and it depends on which point of view. From the aspect of data transmission process, post method is more secure, but from the operation of server data, the post way security is relatively low. Even if the transmission process is performed with post, security is relative, and if you understand the HTTP protocol vulnerabilities, you can also modify the interactive data by intercepting the packets sent, so the security here is not absolute.