GeeCON Prague 2014*
The moose likes Servlets and the fly likes POST and GET Method Diferences Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Servlets
Bookmark "POST and GET Method Diferences" Watch "POST and GET Method Diferences" New topic
Author

POST and GET Method Diferences

Rajpal Kandhari
Ranch Hand

Joined: Aug 26, 2000
Posts: 126
Hello every one,
I was finding diferences between GET and POST method attribute of <form> tag in HTML. I am very much clear with the following differences:

GET:
1. The web browser submits the form data as part of a URL.
2. We can pass limited data.
3. In GET URL is visible.
POST:
1. The web browser sends the form's data separetly from the URL as a stream of bits.
2. Therefor, POST method can handle any amout of data.
3. Data send by POST method is not visible in the URL.
I found some other differences (read from forum and books ) but could not understand what they mean. Can any one explain me clearly in detail what it mean.
GET:
1. URL can be bookmarked. what dose it mean?
2. The GET method should be safe, that is, without any side effects for which users are held responsible.
3. If a client request is intended to change stored data, the
request should use some other HTTP method.
4. The GET method should also be idempotent, meaning that it
can be safely repeated. What dose it mean and how dose it work? Any example, pls?
POST:
1. This method does not need to be either safe or idempotent.
2. Operations requested through POST can have side effects for
which the user can be held accountable.
Pls explain me what dose the above sentance mean with example.

Thanks.
Raj.

------------------

Regards,<P>Raj.<BR>-------------------------<BR>Afforts should be Appriciated.<BR>-------------------------
Tony Alicea
Desperado
Sheriff

Joined: Jan 30, 2000
Posts: 3222
    
    5
- idempotent noun:
"relating to or being a mathematical quantity which when applied to itself under a given binary operation (as multiplication) equals itself; also : relating to or being an operation under which a mathematical quantity is idempotent"
Obviously an overkill (or no kill if you ask me) of a definition.
GET requests, since they are part of the URL, can be seen by anyone that has access to the browser (via the history or cache) after a presumably private transaction is made. They can even be bookmarked (making it even easier to the eavesdropper).
The same is not true of POST requests.
Conclusion: Every FORM METHOD= attribute should be set to POST if privacy (not to mention security) is of any concern.
However, the only way of passing parameters to a Java servlet (and in the old days to a CGI program) using a link (HREF=...) is via GET; There is no POST.
For example, http://servlet/CheckOutControllerServlet?account=123 uses a GET method (no choice of request method there).
so choose your FORM METHODs carefully.

Tony Alicea
Senior Java Web Application Developer, SCPJ2, SCWCD
 
GeeCON Prague 2014
 
subject: POST and GET Method Diferences