This week's book giveaway is in the Cloud/Virtualizaton forum.
We're giving away four copies of Mesos in Action and have Roger Ignazio on-line!
See this thread for details.
Win a copy of Mesos in Action this week in the Cloud/Virtualizaton forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

POST and GET Method Diferences

 
Rajpal Kandhari
Ranch Hand
Posts: 126
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello every one,
I was finding diferences between GET and POST method attribute of <form> tag in HTML. I am very much clear with the following differences:

GET:
1. The web browser submits the form data as part of a URL.
2. We can pass limited data.
3. In GET URL is visible.
POST:
1. The web browser sends the form's data separetly from the URL as a stream of bits.
2. Therefor, POST method can handle any amout of data.
3. Data send by POST method is not visible in the URL.
I found some other differences (read from forum and books ) but could not understand what they mean. Can any one explain me clearly in detail what it mean.
GET:
1. URL can be bookmarked. what dose it mean?
2. The GET method should be safe, that is, without any side effects for which users are held responsible.
3. If a client request is intended to change stored data, the
request should use some other HTTP method.
4. The GET method should also be idempotent, meaning that it
can be safely repeated. What dose it mean and how dose it work? Any example, pls?
POST:
1. This method does not need to be either safe or idempotent.
2. Operations requested through POST can have side effects for
which the user can be held accountable.
Pls explain me what dose the above sentance mean with example.

Thanks.
Raj.

------------------
 
Tony Alicea
Desperado
Sheriff
Posts: 3226
5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
- idempotent noun:
"relating to or being a mathematical quantity which when applied to itself under a given binary operation (as multiplication) equals itself; also : relating to or being an operation under which a mathematical quantity is idempotent"
Obviously an overkill (or no kill if you ask me) of a definition.
GET requests, since they are part of the URL, can be seen by anyone that has access to the browser (via the history or cache) after a presumably private transaction is made. They can even be bookmarked (making it even easier to the eavesdropper).
The same is not true of POST requests.
Conclusion: Every FORM METHOD= attribute should be set to POST if privacy (not to mention security) is of any concern.
However, the only way of passing parameters to a Java servlet (and in the old days to a CGI program) using a link (HREF=...) is via GET; There is no POST.
For example, http://servlet/CheckOutControllerServlet?account=123 uses a GET method (no choice of request method there).
so choose your FORM METHODs carefully.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic