- Post/uri Create
- Delete/uri/xxx Delete
- PUT/URI/XXX Update or create
- Get/uri/xxx View
The get operation is secure. Security means that the state of a resource does not change regardless of how many times it is done. For example, I use get browse articles, no matter how many times, the article is still there, no change. Of course, you may say that every time you browse the article, the number of views on the article add one, this does not change the state of the resources?
This is not contradictory, because this change is not caused by a get operation, but rather by the user's own set of service-side logic.
The put,delete operation is idempotent. Idempotent means that the results are the same regardless of the number of operations performed. For example, I use put to modify an article, and then do the same operation, after each operation the result is not different, delete is the same. By the way, because the get operation is safe, it is naturally idempotent. The post operation is neither secure nor idempotent, such as a common post repeat loading problem: when we make the same post request several times, the result is that we have created a number of resources. The significance of security and power is that when the operation does not reach the desired target, we can retry without any side effects on the resource. In this sense, the post operation is often harmful, but many times we still have to use it. Another thing to note is that the create operation can use post, or put, except that the post is acting on a collection resource (/uri), and the put operation is on a specific resource (/URI/XXX), and then, in a more popular sense, If the URL can be determined on the client, then use put, if it is determined on the server, then use post, for example, many resources use the database self-increment primary key as identity information, and the identity information of the created resource is what can only be provided by the server, this time must use post. The confusion about get POST is to say the same thing first, only to understand the same point to understand why confusion occurs. Both can send data to the server, the submitted "content" [Note 1] The same format, are var_1=value_1&var_2=value_2&....get and post differences such as literal, one is get (get), one is post (send). Get is used to tell the server what to get (Uri+query), a static page (URI) request to return the file content directly to the browser, and a query parameter can be provided when requesting a dynamic page to obtain the appropriate content. Post is used to submit content to the server, mainly for submission, not to request content, that is, the original purpose of post does not require the server to return the content [Note 2], but only submit content for the server processing (mainly storage or processing and then storage). Get and post are confusing because of the misuse of the data processing methods submitted, the data is innocent.
One of the confusing: the field used to query the get commits as storing data in a server-side file or database. You then mistakenly assume that get is used to submit data for storage.
Confusing two: scripting on the server side by processing post-submitted data and returning content. As long as there is data, it can be used to judge how the script is written by the programmer, regardless of the form of the data source (post, get, or the constant of its own default value). There is no problem with this feature, it is just a departure from its original purpose.
Because the data is to be transferred, and the data is in the same format (even if the data format is different, as long as the corresponding data can be extracted). When used, the pigtailed is unavoidable, the get data is used to store and the post data is used to retrieve the returned data. But the two are still different (mainly based on their use and "man" [Note 3], the length of get is limited to 2048 bytes (by browser and server limit, this is the current IE data, is 1024 bytes), to a large extent, limiting the get used to pass "storage data" of the ability to transmit data, So be honest with the search, post there is no such limitation (only the HTTP protocol specification is not size limited, but is limited by the server's processing power), so for large data (generally need to store the data may be larger, than 2048 bytes large) of the delivery has a natural advantage, who let it is Nature born post.
Get submitted data is placed in the URL, the purpose is flexible to the service to submit a retrieval request, you can modify the data in the address bar at any time to change the need to get the content, such as directly modify the page number to jump to another page (of course, it may be 404). The data submitted by the post is placed in the body of the HTTP request in order to submit the data and use it for server-side storage, rather than allowing the user to make too many changes to the data (mainly in the case of a lot of trouble with the URL modification, as long as the URL is changed by clicking on the Address bar), unless the data is specifically edited
Lace: The security of post and get is not very different on the transmission level, but the get method of submitting data by URL is easy to be seen by the human eye, or it can be seen in the history, or it may be visible to the naked eye, which is a local problem.
Note 1: I emphasize the content, as to the HTTP protocol in the GET and post format everyone is interested to see it yourself. Note 2:get mode is mainly to obtain the expected content, that is, uri+query the same content should be the same. Post is primarily a submission, as to whether it is necessary to return a page just for the user experience, such as returning your registration ID when registering, but it's not surprising if you just return a "You've registered successfully" page (even if the data you post is different). Note 3: There is a technical difference between get and post about this "man", which is not so pertinent. But from the appearance of the moment to say so, after all, the confusion is also "artificial".
HTTP POST GET Essential Difference Principle difference
Generally in the browser to enter the URL to access resources are through get way, in the form submission, you can specify the way to submit by means of a get or POST, the default is get commit HTTP defines the different methods of interacting with the server, the most basic method has 4 kinds, namely Get,post, Put,delete URL Full name is a resource descriptor, we can think: a URL address, which is used to describe a network of resources, and HTTP in the get,post,put,delete corresponding to this resource, change, increase, delete 4 operations. Here, everyone should have a general understanding, get is generally used to get/query resource information, and post is generally used to update the resource information (personally think this is the essence of get and post, but also the intention of the Protocol designer, other differences are specific manifestations of the difference). According to the HTTP specification, get is used for information acquisition and should be secure and idempotent. 1. The so-called security means that the operation is used to obtain information rather than modify the information. In other words, get requests generally should not have side effects. That is, it simply gets the resource information, just like a database query, without modification, adding data without affecting the state of the resource. * Note: The meaning of security here is simply non-modification information. 2. Idempotent means that multiple requests to the same URL should return the same result. Here I'll explain the concept of idempotent: Idempotent (idempotent, idempotence) is a mathematical or computer concept, common in abstract algebra. Idempotent is defined in the following ways:
For the monocular operation, if an operation has the same result as the result of doing the operation more than once in the range of a number of times, then we call the Operation Idempotent. For example, an absolute value operation is an example, in a real number set, there is abs (a) = ABS (ABS (a)). For binocular operations, it is required that when the two values of the participating operations are equal, if the results of the operation are equivalent to the two values of the participating operations, the exponentiation of the operation, such as a function of the maximum value of two numbers, is in the power of the real concentration, that is, max (x,x) = x. After reading the above explanations, you should be able to understand the meaning of get idempotent. But in practical applications, the above 2 rules are not so strict. Cite examples of other people's articles: for example, the front page of news sites is constantly being updated. Although the second request returns a different batch of news, the operation is still considered safe and idempotent, as it always returns the current news. Fundamentally, if the goal is that when a user opens a link, he can be confident that the resource is not changed from its point of view. According to the HTTP specification, post represents a request that may modify resources on the server. Continue to cite the example above: or the news to the website as an example, readers of the news to publish their own comments should be done through post, because after the comments submitted site resources have been different, or that the resources have been modified. It probably says something about the original rationality of Get and post in the HTTP specification. But in the actual time, many people do not follow the HTTP specification to do, the cause of this problem is many, such as: 1. Many people are greedy, when updating resources with GET, because the post must be to form (form), it will be troublesome. 2. The increase of resources, delete, change, check operation, in fact, can be completed through get/post, do not need to use put and delete. 3. Another is that the early but web MVC framework designers did not consciously look at and design URLs as abstract resources. A more serious problem is that the traditional Web MVC framework basically supports only the Get and post two HTTP methods, and does not support the put and delete methods.
Rest mode get,put,post,delete Meanings and differences (RPM)