Currently, only two HTTP methods are most commonly used: GET and POST. But it turned out that even among these two "pines" web developers manage to get lost. There is an explanation for this: both methods can be used to obtain the same result. But it must be remembered that the rash use of any of the methods can lead to disastrous consequences, including large loads on the channel and security holes.
To avoid this, it is enough to simply understand in more detail the purposes and differences of these methods.
If you delve into the meaning of the names of the methods, much will become clear. GET (from English to receive), i.e. should be used to request data. POST (c English send by mail) - used to send data to the server. Everything seems to be very simple and clear. But who wants to develop sites a little more complicated than a business card site with one feedback form, it is better to get to know the issue better.
Secure and insecure HTTP requests
The HTTP 1.1 specification introduces two concepts: a secure request and an insecure request, or more specifically, a method.
Safe are methods that can only request information. They cannot change the requested resource, nor can they produce undesirable results for the user, others, or the server. Examples of secure ones are requesting the HTML code of a web page or an image. The safe methods are HEAD and GET.
The note
In reality, craftsmen, of course, can harm GET requests as well. For example, query loops.
Insecure requests, you guessed it, can potentially lead to bad consequences if used repeatedly. Such requests can change the content of the resource being accessed. Examples of such requests: sending messages, registration, online payments. Unsafe methods include POST, PUT, DELETE.
Idempotent methods
Idempotency is the property of methods that, when repeatedly called, will return the same result, except when the information is out of date. This means that when accessing the same URL, all users will see the same web page, image, video, and so on. GET, PUT, DELETE methods have this property.
And now more about the GET and POST methods themselves: let's make a short “summary” for each.
GET
- designed to receive data from the server;
- the request body is empty;
- are processed on the server side faster and with less consumption of server resources due to an empty request body;
- variables are transferred in the address bar (this is how the user sees it, technically the data is transmitted in the query line) and therefore information about the variables and their values is visible (the data is not protected);
- capable of passing a small amount of data to the server: there is a limitation on the length of the URL, which depends on the browser, for example, IE6 = 2Kb. Yahoo! developers recommend to focus on this number;
- can only transmit ASCII characters;
- such a request can be copied, saved (for example, in bookmarks);
- the request can be cached (this can be controlled);
- conditional and partial requests are available to further reduce the load on the channel and the server;
- does not break the HTTP connection (when the keepAlive mode is enabled on the server).
POST
- designed to send data to the server;
- data transfer occurs in the body of the request;
- server-side processing is slower and "heavier" than GET, because in addition to headers, you need to parse the request body;
- capable of transferring large amounts of data;
- able to transfer files;
- a page generated by the POST method cannot be bookmarked;
- breaks the HTTP connection;
- to transfer even a very small amount of information, most browsers send at least two TCP packets: a header, and then a request body.
It turns out that these two methods are not so similar. The use of one or the other should be determined by the task at hand, and not by the fact that GET is used by default or is easier to work with. GET, of course, in most cases is a better option, especially when building fast AJAX, but do not forget about its shortcomings. For myself, I made a simple algorithm-note on the choice of method.
This post is intended to explain how data is transmitted over the Internet using the two main methods: GET and POST. I wrote it as an addition to the instructions for the shift work generator for those who are hardly interested in the details ☺.
Go to the following address (this is for a visual explanation): http://calendarin.net/calendar.php?year=2016 Pay attention to the browser address bar: calendarin.net/calendar.php ?year=2016 The main file is named, followed by a question mark (?) and a "year" parameter with a value of "2016". So, everything that follows the question mark is the GET request. Everything is simple. To pass more than one parameter, they must be separated by an ampersand (&). Example: calendarin.net/calendar.php ?year=2016&display=work-days-and-days-off
The main file is still named, followed by a question mark (?), then a "year" parameter with a value of "2016", then an ampersand (&), then a "display" parameter with a value of "work-days-and-days -off".
GET parameters can be changed directly in the browser's address bar. For example, changing the value "2016" to "2017" and pressing the key will take you to the calendar for 2017.
This is a data transfer in a hidden way (the page address does not change); that is, you can see what was transferred only with the help of a program (script). For example, in the following tool for counting characters in text, the initial data is transmitted by the POST method: http://usefulonlinetools.com/free/character-counter.php
If you have any questions, comments and my E-mail is at your service.
In addition to the GET method, which we discussed in the previous note, there is another method for sending a request via the HTTP protocol - the POST method. The POST method is also very often used in practice.
If, in order to access the server using the GET method, it was enough for us to type a request into the URL, then in the POST method everything works according to a different principle.
In order to perform this kind of request, we need to click on the button with the type="submit" attribute, which is located on the web page. Note that this button is located in the element
If the user enters some text into the text field and clicks on the "Submit" button, then the text variable will be sent to the server with the value of the content that the user entered.
POST and GET requests in simple terms
This variable will be sent by the POST method.
If you write in the form like this: