The difference between get and post methods in form submission

Source: Internet
Author: User
Tags html header

The difference between get and post in a form submission is 5 points 1.get is the data retrieved from the server, and post is the data that is sent to the server. 2.get is to add the parameter data queue to the URL that the Action property of the submission form refers to, and the value corresponds to the field one by one in the form, which can be seen in the URL. Post is the httppost mechanism by which the fields within the form are placed within the HTML header with their contents and routed to the URL address referred to by the Action property. The user does not see the process. 3. For Get mode, the server side uses Request.QueryString to get the value of the variable, and for post, the server side uses Request.Form to obtain the submitted data. 4.get transmits a small amount of data and cannot be greater than 2KB. Post transmits a large amount of data, which is generally not restricted by default. In theory, however, the maximum amount of IIS4 is 100KB in 80KB,IIS5. 5.get security is very low and post security is high. HTTP request: The difference between get and Post methods HTTP defines different ways to interact with the server, and the most basic method is get and post. In fact get applies to most requests, while retaining post is only used to update the site. According to the HTTP specification, get is used for information acquisition and should be secure and idempotent. The so-called security means that the operation is used to obtain information rather than modify information. In other words, get requests generally should not have side effects. Idempotent means that multiple requests to the same URL should return the same result. The complete definition is not as strict as it seems. Fundamentally, the goal is that when a user opens a link, she can be confident that the resource has not changed from its point of view. For example, the front page of news sites is constantly being updated. Although the second request returns a different batch of news, the operation is still considered safe and idempotent, as it always returns the current news. Vice versa. The POST request is not that easy. Post represents a request that might change resources on the server. Still take the news site as an example, the reader's comments on the article should be implemented through the POST request, because the site is different after the submission of the note (for example, a note appears below the article), when the form is submitted, if you do not specify method, the default is a GET request, The data submitted in the form will be appended to the URL, separated from the URL. The alphanumeric character is sent as is, but the space is converted to the "+" sign, and the other symbol is converted to%XX, where XX is the ASCII (or ISOLatin-1) value of the symbol in 16 binary notation. The GET request submits the data to be placed in the HTTP request protocol header, and the data submitted by the post is placed in the Entity data, and the data submitted by the Get method can only have 1024 bytes, while the postThere is no such limit. What's the difference between using "post" and "get" in a form, you can use post or get. They are all legal values of method. However, the post and get methods differ by at least two points in use: 1, the Get method passes the user's input through a URL request. The Post method is in another form. 2, get mode of submission you need to use Request.QueryString to get the value of the variable, and when the post is submitted, you have to access the submitted content through Request.Form. Study the following code carefully. You can run it to feel: code 〈!– two FORM only the METHOD property is different –〉〈form action= "getpost.asp" method= "get"? 〈input type= "text" name= "text" value= "Hello World" 〉〈/input〉〈input type= "Submit" value= "Method=get" 〉〈/input〉〈/form〉〈 Br〉〈form action= "getpost.asp" method= "POST" 〉〈input type= "text" name= "text" value= "Hello World" 〉〈/input〉〈input type= " Submit "value=" Method=post "〉〈/input〉〈/form〉〈br〉〈br〉〈% If request.querystring (" Text ") 〈〉" "then%〉 the string passed by the Get method is:" b〉〈%= request.querystring ("text")%〉〈/b〉 "〈br〉〈% End if%〉〈% if Request.Form (" text ") 〈〉" "then%〉 the string passed through the Post method is:" 〈b〉 〈%= Request.Form ("Text")%〉〈/b〉 "〈br〉〈% End If%〉 instructions to save the above code as getpost.asp, and then run, first test the Post method, this time, the browser URL does not change anything, the result is returned: The string passed through the Post method is: "Hello World" and then the test is submitted with the Get method, please note that the URL of the browser becomes: HTTP://LOCALHOST/GENERAL/FORM/GETPOSt.asp? The result of Text=hello+world is that the string passed by the Get method is: "Hello World" is finally submitted via the Post method, and the URL of the browser is: http://localhost/general/form/ Getpost.asp? Text=hello+world and the returned result becomes: The string passed by the Get method is: "Hello World" is passed through the Post method string is: "Hello World" prompt through the Get method to submit data, may pose a security problem. such as a landing page. When data is submitted through the Get method, the user name and password appear on the URL. If: 1, the landing page can be cached by the browser, 2, other people can access the customer's machine. Then someone can read the account number and password from the browser's history. Therefore, in some cases, the Get method poses a serious security problem. We recommend that you use the Post method in the form http://www.devdao.com/. The difference between get and post 2 get: Is the information of the resource specified by the request URI as an entity, and if the request URI is only a data generation process, then the final return in the response entity is the resource to which the result of the processing is directed, rather than the description of the processing process. Post: Used to make a request to the destination server that it accepts the entity attached to the request and treats it as an additional new subkey for the resource specified by the request URI in the request queue, and post is designed to implement the following functions in a unified manner: 1: Interpretation of existing resources 2: to the bulletin board, newsgroups, Message list or similar discussion group send message. 3: Commit data Block 4: Extend the database with additional actions as described above, get is a request to send data to the server, and post is a request to submit data to the server, and the data to be submitted is in the entity behind the information header. Very theoretical, but very standard, method= "get" is not to get data from the server, get and post just send mechanism is different, not one to take a hair! The Get method displays the value in the IE Address bar that indicates when you submitted it; The Post method does not 1, and get is the URL in which the parameter data queue is added to the Action property of the submission form, and the value corresponds to the field one by one in the form, which can be seen in the URL. Post is the httppost mechanism by which the fields within the form are placed within the HTML header with their contents and routed to the URL address referred to by the Action property. The user does not see the process. 2, for Get mode, server side with requEst. QueryString gets the value of the variable, and for post, the server side uses Request.Form to get the submitted data. The parameters of both methods can be obtained by using request. 3, get the amount of data transmitted less than 2KB. Post transmits a large amount of data, which is generally not restricted by default. In theory, however, the maximum amount of IIS4 is 100KB in 80KB,IIS5. 4, get security is very low, post security is high. 5, 〈form method= "get" action= "a.asp?b=b" and 〈form method= "get" action= "a.asp" is the same, that is, the list of parameters behind the action page is ignored; Formmethod= "POST" action= "A.asp?b=b" is not the same as 〈form method= "POST" action= "a.asp". In addition, a GET request has the following characteristics: It adds data to the URL, which is passed to the server in this way, usually using a question mark? Represents the end of the URL address and the beginning of the data parameter, followed by a parameter each data parameter in the form of "name = value", the parameters and parameters are separated by a connector &. The POST request has the following characteristics: The data is placed in the HTTP body, its organization is not only one, there is a & connection, there is a delimiter way, can hide parameters, transfer large numbers of data, more convenient. The post Address bar does not appear a large string? BJNGHFGREYGT, if it's a get, it's going to happen. 1. The Get method passes the user's data through a URL request, connecting the field names in the form with their contents, paired strings, and placing the URL of the program that the Action property refers to , such as Http://www.mdm.com/test.asp?name=asd&passWord=sad, the data will be displayed directly on the URL, just as the user clicked a link, post method through the HTTP post mechanism, The name of each field in the form is placed in the HTML header (header) and sent to the server side by the Action property can refer to the program processing, the program through the standard input (stdin) method, the form of data read out and processed 2, get method needs to use Request.QueryString to get the value of the variable, while the post way through the Request.Form to access the submitted content 3, get way to transfer the amount of data is very small, generally limited to about 2 KB, but the efficiency of execution than POThe St method is good, and the post method transmits a relatively large amount of data, it is waiting for the server to read the data, but also has a byte limit, this is to avoid the server with a large amount of data for malicious attacks, according to Microsoft, Microsoft to use Request.Form () can receive the maximum data limit, In IIS 4, the ten KB bytes in IIS 5 are recommended for KB bytes: Unless you are sure that the data you submit can be submitted at one time, please use POST Method 4, get method to submit the data, it will bring security issues, such as a landing page, when you submit data by Get method, the user The name and password will appear on the URL, if the page can be cached or someone else can access the customer's machine, you can obtain the user's account number and password from the history, so the form submission suggested using the Post method, the Post method submitted form page Common problem is that the page if refreshed, A dialog box will pop up 1, get is the parameter data queue is added to the submission form of the Action property refers to the URL, the value and the form of each field one by one corresponding to the URL can be seen. Post is the httppost mechanism by which the fields within the form are placed within the HTML header with their contents and routed to the URL address referred to by the Action property. The user does not see the process. 2, for Get mode, the server side uses Request.QueryString to get the value of the variable, for the Post method, the server side uses Request.Form to obtain the data submitted. The parameters of both methods can be obtained by using request. 3, get the amount of data transmitted less than 2KB. Post transmits a large amount of data, which is generally not restricted by default. In theory, however, the maximum amount of IIS4 is 100KB in 80KB,IIS5. 4, get security is very low, post security is high. 5, 〈form method= "get" action= "a.asp?b=b" and 〈form method= "get" action= "a.asp" is the same, that is, the list of parameters behind the action page is ignored; Formmethod= "POST" action= "A.asp?b=b" is not the same as 〈form method= "POST" action= "a.asp".

The difference between get and post in form submission

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.