Get vs Post http://blog.teamtreehouse.com/the-definitive-guide-to-get-vs-post
2015-08-27 15:29
639 查看
According to Wikipedia:
GET requests a representation of the specified resource. Note that GET should not be used for operations that cause side-effects, such as using it for taking actions in web applications. One reason for this is that GET may be used arbitrarily by robots or crawlers, which should not need to consider the side effects that a request should cause.
and
POST submits data to be processed (e.g., from an HTML form) to the identified resource. The data is included in the body of the request. This may result in the creation of a new resource or the updates of existing resources or both.
So essentially
HTTP/1.1 specification (RFC 2616) section 9 Method Definitions contains more information on
In addition to explaining the intended uses of each method, the spec also provides at least one practical reason for why
Authors of services which use the HTTP protocol SHOULD NOT use GET based forms for the submission of sensitive data, because this will cause this data to be encoded in the Request-URI. Many existing servers, proxies, and user agents will log the request URI in some place where it might be visible to third parties. Servers can use POST-based form submission instead
Finally, an important consideration when using
GET requests a representation of the specified resource. Note that GET should not be used for operations that cause side-effects, such as using it for taking actions in web applications. One reason for this is that GET may be used arbitrarily by robots or crawlers, which should not need to consider the side effects that a request should cause.
and
POST submits data to be processed (e.g., from an HTML form) to the identified resource. The data is included in the body of the request. This may result in the creation of a new resource or the updates of existing resources or both.
So essentially
GETis used to retrieve remote data, and
POSTis used to insert/update remote data.
HTTP/1.1 specification (RFC 2616) section 9 Method Definitions contains more information on
GETand
POSTas well as the other HTTP methods, if you are interested.
In addition to explaining the intended uses of each method, the spec also provides at least one practical reason for why
GETshould only be used to retrieve data:
Authors of services which use the HTTP protocol SHOULD NOT use GET based forms for the submission of sensitive data, because this will cause this data to be encoded in the Request-URI. Many existing servers, proxies, and user agents will log the request URI in some place where it might be visible to third parties. Servers can use POST-based form submission instead
Finally, an important consideration when using
GETfor AJAX requests is that some browsers - IE in particular - will cache the results of a
GETrequest. So if you, for example, poll using the same
GETrequest you will always get back the same results, even if the data you are querying is being updated server-side. One way to alleviate this problem is to make the URL unique for each request by appending a timestamp.
GET (HTTP)User Rating (546):current rating is3.91/5 1 2 3 4 5 | POST (HTTP)User Rating (599):current rating is4.35/5 1 2 3 4 5 | |
---|---|---|
History | Parameters remain in browser history because they are part of the URL | Parameters are not saved in browser history. |
Bookmarked | Can be bookmarked. | Can not be bookmarked. |
BACK button/re-submit behaviour | GET requests are re-executed but may not be re-submitted to server if the HTML is stored in the browser cache. | The browser usually alerts the user that data will need to be re-submitted. |
Encoding type (enctype attribute) | application/x-www-form-urlencoded | multipart/form-data or application/x-www-form-urlencoded Use multipart encoding for binary data. |
Parameters | can send but the parameter data is limited to what we can stuff into the request line (URL). Safest to use less than 2K of parameters, some servers handle up to 64K | Can send parameters, including uploading files, to the server. |
Hacked | Easier to hack for script kiddies | More difficult to hack |
Restrictions on form data type | Yes, only ASCII characters allowed. | No restrictions. Binary data is also allowed. |
Security | GET is less secure compared to POST because data sent is part of the URL. So it's saved in browser history and server logs in plaintext. | POST is a little safer than GET because the parameters are not stored in browser history or inweb server logs. |
Restrictions on form data length | Yes, since form data is in the URL and URL length is restricted. A safe URL length limit is often 2048 characters but varies by browser and web server. | No restrictions |
Usability | GET method should not be used when sending passwords or other sensitive information. | POST method used when sending passwords or other sensitive information. |
Visibility | GET method is visible to everyone (it will be displayed in the browser's address bar) and has limits on the amount of information to send. | POST method variables are not displayed in the URL. |
Cached | Can be cached | Not cached |
相关文章推荐
- 【转】C#模拟http 发送post或get请求
- 网络流模版(ISAP)/最大流最小割定理 poj 3469
- Android HttpGet和HttpPost设置超时
- 网络数据包从主机A传输到主机B的流程
- KVM虚拟化网络优化技术总结
- ACE网络编程 --ACE库入门:中篇-ACE程序员教程
- Android之使用HttpURLConnection类查看网络图片以及网络源码
- wpa_supplicant无线网络配置
- 字符串操作的实现:strstr、strcat、strcmp和stcpy
- linux系统——网络调试工具
- http post 接口
- vmware exs 配置管理网络的问题
- 网络I/O中的同步、异步、阻塞和非阻塞概念
- 全网络对Linux input子系统最清晰、详尽的分析
- 流媒体协议介绍(rtp/rtcp/rtsp/rtmp/mms/hls)
- Tigase开发笔记6:packet流转机制 -> 一条消息(packet)的请求和响应过程解析
- RESTful Java client with Apache HttpClient
- http错误码大全
- TCP/IP TIME_WAIT状态原理
- 网络通信