HTTP request: Difference between get and post method (turn)

Source: Internet
Author: User
Tags html header http post alphanumeric characters browser cache

HTTP defines different methods of interacting with the server, and the most basic method is get and POST. In fact, get applies to most requests, while the reserved POST is used only for updating the site. According to the HTTP specification, get is used for information acquisition, and should be secure and idempotent. The so-called safe means that the operation is used to obtain information rather than modify information. In other words, get requests should not generally have side effects. Idempotent means that multiple requests to the same URL should return the same result. The complete definition is not as strict as it seems. Fundamentally, the goal is that when a user opens a link, she can be sure that it doesn't change resources from its perspective. For example, the front pages of news sites are constantly being updated. Although the second request returns a different batch of news, the operation is still considered safe and idempotent, as it always returns the current news. Vice versa. POST requests are not that easy. POST represents a request that might change resources on the server. Still, for example, a news site, the reader's note to the article should be implemented through post requests, because the site has been different after the annotation was submitted (for example, an annotation appears below the article);

When a form is submitted, if method is not specified, the default is GET request, and the data submitted in the form is appended to the URL to separate it from the URL. Alphanumeric characters are sent as is, but spaces are converted to "+", and other symbols are converted to%XX, where XX is the ASCII (or ISO Latin-1) value that the symbol is in 16. A GET request requests that the data submitted be placed in the HTTP request protocol header, while the post-submitted data is placed in the Entity data;

The data submitted by Get method can only have up to 2048 bytes (url+ parameters), and post does not have this limit.
Official description: http://support.microsoft.com/default.aspx?scid=kb; en-us;q208427

Using Post vs. get Difference (ASP)

one, in the form, you can use the post or get. They are all valid values of method. However, the post and get methods are at least two different points of use:

1. The Get method passes the user's input through a URL request. The Post method is in another form.

2, get way of the submission you need to use Request.QueryString to obtain the value of the variable, and the Post method submission, you have to pass through Request.Form to access the content submitted.

Study the following code carefully. You can run it to feel the following:

Code

<!--two form only the method attribute is different-->

<form action= "getpost.asp" method= "Get" >

<input type= "text" value= "Hello World" ></INPUT>

<input type= "Submit" value= "Method=get" ></INPUT>

</FORM>

<BR>

<form action= "getpost.asp" method= "POST" >

<input type= "text" value= "Hello World" ></INPUT>

<input type= "Submit" value= "Method=post" ></INPUT>

</FORM>

<BR>

<BR>

<% If request.querystring ("Text") <> "" Then%>

The string passed through the Get method is: "<b><%= request.querystring (" Text ")%></b>" <BR>

<% End If%>

<% If Request.Form ("Text") <> "" Then%>

The string passed through the Post method is: "<b><%= request.form (" Text ")%></b>" <BR>

<% End If%>

Description

Save the above code as getpost.asp, then run, first test the Post method, at which point the browser URL does not change, the result returned is:

The string passed through the Post method is: "Hello World"

Then the test is submitted using the Get method, notice that the URL of the browser becomes:

Http://localhost/general/form/getpost.asp?Text=Hello+World

And the result returned is:

The string passed through the Get method is: "Hello World"

Finally, the Post method is submitted, and the URL of the browser is:

Http://localhost/general/form/getpost.asp?Text=Hello+World

and the return result becomes:

The string passed through the Get method is: "Hello World"

The string passed through the Post method is: "Hello World"

Tips

Submitting data through a GET method can pose a security issue. Like a landing page. When data is submitted through the Get method, the username and password appear on the URL. If:

1, landing page can be browser cache;

2, other people can access the customer's machine.

Then, someone else can read the account number and password from the browser's history. Therefore, in some cases, the Get method poses a serious security problem.

Recommendation: In form, the Post method is recommended.

Second,<form action= "" "method=" post "> Refresh will pop-up prompt box, ask whether to resend the request, if you change to Method=get will not have this hint, the following is a post and get some differences

Post requests have no length limits (at least theoretically)

Get has a length limit of up to 2048 bytes (1024 characters)

Third, remember Request.QueryString (), as long as you pass the value with GET, then will be followed by the HTTP request string. Can try. The post is not behind the HTTP request string, but on the last side of the request. and invisible, the general password can be sure to pass, otherwise in the address bar can be directly seen. (although none is encrypted)

And there's more to post.

Then the general use of IIS filters only accept get parameters, which is why those large search engines behind a lot of content, because post can not send the past, can only use get. Look at Goole or Yahoo.

Iv. The difference between get and post in form submission is summarized as follows:

1. Get is to obtain data from the server, post is to transfer data to the server.

2. Get is to add the parameter data queue to the URL of the action attribute that submits the form, and the value corresponds to each field one by one in the form, which can be seen in the URL. Post is the HTTP post mechanism that places the fields in the form and their contents in the HTML header to the URL address that the action attribute refers to. This process is not visible to the user.

3. For Get way, server end uses Request.QueryString to obtain variable value, for post way, server end uses Request.Form to obtain the submitted data.

4. The amount of data transferred by get is small and cannot be greater than 2KB. Post transfers have a large amount of data, which is generally default to unrestricted. In theory, however, the maximum number of IIS4 is 100KB in 80KB,IIS5.

5. Get security is very low, post security is high.

   

the difference between get and Post (JSP)

The difference between get and Post seems to be larger than I expected, with at least two points found recently in the development process using Tomcat:

The encoding used to pass the parameter is not necessarily the same. In Tomcat, it seems that get is encoded according to the encoding specified in the page, and that the post is always using the same encoding, which can be configured in Tomcat's Server.xml.

When using get, the parameters are displayed on the address bar, and the Post does not.

So, if the data is Chinese and is not sensitive, use get, or use post if the user enters data that is not a Chinese character and contains sensitive data.

They pass the parameter when the code is not the same, get way without encoding directly to pass, so others can see your delivery content (of course, can take steps to avoid users see content, such as JavaScript dynamic organization URL), post mode is encoded transmission, And there are no special character delivery errors.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.