Html__post and get Difference "URL"

Source: Internet
Author: User
Tags html header http post

The difference between get and post:

There are 5 differences between get and post methods in form submission.
1.get is the data that is fetched from the server, and post is the data sent to the server.
2.get is to add the parameter data queue to the URL that the Action property of the submission form refers to, and the value corresponds to the field one by one in the form, which can be seen in the URL. Post is the httppost mechanism by which the fields within the form are placed within the HTML header with their contents and routed to the URL address referred to by the Action property. The user does not see the process.
3. For Get mode, the server side uses Request.QueryString to get the value of the variable, and for post, the server side uses Request.Form to obtain the submitted data.
4.get transmits a small amount of data and cannot be greater than 2KB. Post transmits a large amount of data, which is generally not restricted by default. In theory, however, the maximum amount of IIS4 is 100KB in 80KB,IIS5.
5.get security is very low and post security is high.

HTTP request: The difference between get and post methods
HTTP defines different ways to interact with the server, and the most basic method is get and post. In fact get applies to most requests, while retaining post is only used to update the site. According to the HTTP specification, get is used for information acquisition and should be secure and idempotent. The so-called security means that the operation is used to obtain information rather than modify information. In other words, get requests generally should not have side effects. Idempotent means that multiple requests to the same URL should return the same result. The complete definition is not as strict as it seems. Fundamentally, the goal is that when a user opens a link, she can be confident that the resource has not changed from its point of view. For example, the front page of news sites is constantly being updated. Although the second request returns a different batch of news, the operation is still considered safe and idempotent, as it always returns the current news. Vice versa. The POST request is not that easy. Post represents a request that might change resources on the server. Still take the news site as an example, the reader's comments on the article should be implemented through a POST request, because the site is different after the comment is submitted (for example, a note appears below the article);
When the form is submitted, if you do not specify method, the default is a GET request, and the data submitted in the form will be appended to the URL, separated from the URL. The alphanumeric character is sent as is, but the space is converted to the "+" sign, and the other symbol is converted to%XX, where XX is the ASCII (or ISOLatin-1) value of the symbol in 16 binary notation. The GET request submits the data to be placed in the HTTP request protocol header, and the data submitted by the post is placed in the Entity data;
The Get method submits only 1024 bytes of data, while Post does not have this limit.
What is the difference between using "post" and "get" in the form?
In the form, you can use post or get. They are all legal values of method. However, the post and get methods are at least two points different on use:
1. The Get method passes the user's input through a URL request. The Post method is in another form.
2, get mode of submission you need to use Request.QueryString to get the value of the variable, and when the post is submitted, you have to access the submitted content through Request.Form.
Study the following code carefully. You can run it to feel:
Code
〈!– two form only the method attribute is different –〉
〈form action= "getpost.asp" method= "get"?
〈input type= "text" name= "text" value= "Hello World" 〉〈/input〉
〈input type= "Submit" value= "Method=get" 〉〈/input〉
〈/form〉
〈br〉
〈form action= "getpost.asp" method= "POST"
〈input type= "text" name= "text" value= "Hello World" 〉〈/input〉
〈input type= "Submit" value= "Method=post" 〉〈/input〉
〈/form〉
〈br〉
〈br〉
〈% If request.querystring ("Text") 〈〉 "" Then%〉
The string passed by the Get method is: "〈b〉〈%= request.querystring (" Text ")%〉〈/b〉" 〈br〉
〈% End If%〉
〈% If Request.Form ("Text") 〈〉 "" Then%〉
The string passed through the Post method is: "〈b〉〈%= request.form (" Text ")%〉〈/b〉" 〈br〉
〈% End If%〉
Description
Save the above code as getpost.asp, then run, first test the Post method, at this time, the browser URL does not change anything, the result is returned:
The string passed through the Post method is: "Hello World"
Then the test is submitted with the Get method, note that the URL of the browser becomes:
Http://localhost/general/form/getpost.asp?Text=Hello+World
The result of the return is:
The string passed by the Get method is: "Hello World"
Finally, through the Post method submission, the browser URL is:
Http://localhost/general/form/getpost.asp?Text=Hello+World
And the returned result becomes:
The string passed by the Get method is: "Hello World"
The string passed through the Post method is: "Hello World"
Tips
Submitting data through the Get method can pose a security issue. such as a landing page. When data is submitted through the Get method, the user name and password appear on the URL. If:
1, the landing page can be cached by the browser;
2, other people can access the customer's machine.
Then someone can read the account number and password from the browser's history. Therefore, in some cases, the Get method poses a serious security problem.
Suggestions
http://www.devdao.com/
The Post method is recommended for use in form.
The difference between get and post 2
Get: Is the information of the resource specified by the request URI as an entity, and if the request URI is only a data generation process, the final return in the response entity is the resource to which the result of the processing is directed, rather than the description of the processing process.
Post: Used to make a request to the destination server that accepts the entity attached to the request and treats it as an additional new subkey for the resource specified by the request URI in the request queue, and post is designed to implement the following functions in a uniform way:
1: Interpretation of existing resources
2: Send messages to bulletin boards, newsgroups, mailing lists, or similar discussion groups.
3: Commit data block
4: Extending the database with additional operations
As can be seen from the description above, get is a request to send data to the server, while post is a request to submit data to the server, the data to be submitted is in the entity behind the information header.
Very theoretical, but very standard, method= "get" is not to get data from the server, get and post just send mechanism is different, not one to take a hair!
The Get method displays the value in the IE Address bar that indicates when you submitted it, and the Post method does not
1, get is to add the parameter data queue to the submission form the Action property refers to the URL, the value and the form within the field one by one corresponding to the URL can be seen. Post is the httppost mechanism by which the fields within the form are placed within the HTML header with their contents and routed to the URL address referred to by the Action property. The user does not see the process.
2, for Get mode, the server side uses Request.QueryString to get the value of the variable, for the Post method, the server side uses Request.Form to obtain the data submitted. The parameters of both methods can be obtained by using request.
3, get the amount of data transmitted less than 2KB. Post transmits a large amount of data, which is generally not restricted by default. In theory, however, the maximum amount of IIS4 is 100KB in 80KB,IIS5.
4, get security is very low, post security is high.
5, 〈form method= "get" action= "a.asp?b=b" and 〈form method= "get" action= "a.asp" is the same, that is, the list of parameters behind the action page is ignored; Formmethod= "POST" action= "A.asp?b=b" is not the same as 〈form method= "POST" action= "a.asp".
In addition, a GET request has the following characteristics: It adds data to the URL, which is passed to the server in this way, usually using a question mark? Represents the end of the URL address and the beginning of the data parameter, followed by a parameter each data parameter in the form of "name = value", the parameters and parameters are separated by a connector &.
The POST request has the following characteristics: The data is placed in the HTTP body, its organization is not only one, there is a & connection, there is a delimiter way, can hide parameters, transfer large numbers of data, more convenient.
The post Address bar does not appear a large list of things like Bjnghfgreygt.
If it's a get, it's going to happen.
1. The Get method passes the user's data through a URL request, connecting the field names in the form with their contents, paired strings, and placing them in the URL of the program referred to by the Action property, such as http://www.mdm.com/test.asp?name=asd& Password=sad, the data will be displayed directly on the URL, just as the user clicks on a link, and the Post method passes the HTTP post mechanism to place the field names within the form with their contents in the HTML header (header) to the server side. The Action property can be referred to by the program processing, the program through the standard input (stdin) way, the form of data read out and processed
2, get method need to use Request.QueryString to get the value of the variable, and post way through Request.Form to access the content of the submission
3, get way to transfer the amount of data is very small, generally limited to about 2 KB, but the execution efficiency is better than the Post method, and the post way to pass a relatively large amount of data, it is waiting for the server to read data, but also has a byte limit, this is to avoid the server with a large amount of data for malicious attacks, According to Microsoft, Microsoft has a limit on the maximum data that can be received with Request.Form (), with a KB byte in IIS 4 and a KB byte in IIS 5
Recommendation: Unless you are sure that the data you submit can be submitted at once, please use the Post method as much as possible
4, get the way to submit data, will bring security problems, such as a landing page, through the Get method to submit data, the user name and password will appear on the URL, if the page can be cached or other people can access the customer this machine, you can get the user's account and password from the history, So the form submission recommends using the Post method; The common problem with the form page submitted by the Post method is that if the page is refreshed, a dialog box pops up
1, get is to add the parameter data queue to the submission form the Action property refers to the URL, the value and the form within the field one by one corresponding to the URL can be seen. Post is the httppost mechanism by which the fields within the form are placed within the HTML header with their contents and routed to the URL address referred to by the Action property. The user does not see the process.
2, for Get mode, the server side uses Request.QueryString to get the value of the variable, for the Post method, the server side uses Request.Form to obtain the data submitted. The parameters of both methods can be obtained by using request.
3, get the amount of data transmitted less than 2KB. Post transmits a large amount of data, which is generally not restricted by default. In theory, however, the maximum amount of IIS4 is 100KB in 80KB,IIS5.
4, get security is very low, post security is high.
5, 〈form method= "get" action= "a.asp?b=b" and 〈form method= "get" action= "a.asp" is the same, that is, the list of parameters behind the action page is ignored; Formmethod= "POST" action= "A.asp?b=b" is not the same as 〈form method= "POST" action= "a.asp".

=============================================================================================

Second, according to the provisions of the HTML, when the form is submitted by the Get method, the query string in the action address is discarded.

Provision of the original:

    • HTML 4.0.1 (http://www.w3.org/TR/html401/interact/forms.html#h-17.13.3.4)

If the method is "get" and the action is an HTTP URI, the user agent
Takes the value of action, appends a '? ' to it, then appends the form
Data set, encoded using the "application/x-www-form-urlencoded"
Content type.

    • HTML 5 (Http://www.w3.org/TR/2011/WD-html5-20110525/association-of-controls-and-forms.html#form-submission-algorithm)

Mutate Action URL
Let query be the result of encoding the form data
Set using the application/x-www-form-urlencoded encoding algorithm,
interpreted as a us-ascii string.

Let destination being a new URL that's equal to the action except that
Its component are replaced by query (adding a u+003f QUESTION
MARK character (?) if appropriate).

Therefore, using hidden input, which can be used with the hidden parameter on the URL, is the simplest, programming-free way.

If you are too hidden input trouble, then regret, there is no easier way.

There is also a way to use JavaScript, but programming is more troublesome than hidden input, as follows:

Listen for form Submit event, OnSubmit (), do it in turn:
1. Remove the value of the action and parse the query string (the string after the question mark)
2. Apeend two hidden input elements into the form, name and value use the results resolved in the first step above
3. Submit a form with Form.submit ()

Advantage, this JS write well, no matter which page you have similar requirements, no matter how many variables you have to submit to the server, just press the form tag you gave in this main post, the query string is written in action, JS will automatically turn it into hidden input, Adaptive ability is stronger than handwriting hidden input to be concise.

Html__post and get Difference "URL"

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.