• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

use of doGet()

 
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi all,

I want to know what is the use of doGet(), where as doPost() is secure and providing many more features compare to doGet(). why the java people not deprecated this method is there any specific reason, and I saw doGet is idempotent what is mean by idempotent.

can any one tell me what is the exact use of this method.


regards,
vardhan
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
"goGet()"? Please take better care when posting.
 
Bear Bibeault
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

vardhan reddy wrote:I want to know what is the use of doGet()


To support the HTTP GET method.

where as doPost() is secure


POSTs are no more "secure" than GETs.

and providing many more features compare to doGet().


Features? There are no extra "features". Both methods are simply passed the request and response and can do whatever they like with them.

why the java people not deprecated this method


It seems that you are confusing the Servlet specification with HTTP. The Servlet spec is there to support HTTP -- it can't just make up rules of its own.

Both GET and POST have important roles in HTTP -- it's rather ridiculous to suggest that HTTP needs to be changed.

"idempotent" in this respect simply means that the server state is unchanged by the request. A GET is expected to have no side effects, while a POST can change server state.


 
Reshma Reddy
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi bear,

what ever data will send to server using post is in the body, where as in get it is in url it is visible right as this is not secure and more over what ever get is doing we can do by using post, so as my questions is why we need two methods.

Both GET and POST have important roles in HTTP --



can you tell me that roles...

 
Bear Bibeault
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

vardhan reddy wrote:what ever data will send to server using post is in the body, where as in get it is in url it is visible right as this is not secure


Merely tucking the data in the body as opposed to the URL is no level of security whatsoever.

can you tell me that roles...


This really has nothing to do with Servlets, so I've moved this over to the Protocols forum.

There's tons of information on HTTP available on the net... I don't really need to repeat it here.

But I will give you one question to ponder: if GET were to disappear what would be the ramifications for bookmarking? Think of the concept of idempotency with respect to this.
 
Sheriff
Posts: 22783
131
Eclipse IDE Spring VI Editor Chrome Java Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Whenever you simply enter a URL in a browser, the browser sends a GET request to the server. This also occurs when you click on a hyper link. If you do not have a proper implementation of doGet(), then regular browsing is not possible. If you're lazy, simply call doPost(request, response).

Because GET is used when you enter a URL or active a hyper link, it is very useful for passing parameters without the need of a form; anything that appears after the ? in a URL is the query string, and it forms the parameters. The only advantage POST as an HTTP method has is that the parameters are not sent as part of the URL. This does form a very little bit of security (you can't see the parameters in the address bar), but more importantly you can use as many parameters as you want. With GET, the browser is usually limited in the URL length, and if you add too many parameters the browser will simply refuse the URL. I've seen this happen with Internet Explorer 6 quite regularly.

Although I mentioned that POST provides a little bit of security, it is not secure at all. The only security is in hiding the parameters in the browser, but they are still sent plain-text across the Internet and can be intercepted by anyone. To prevent this, use POST in combination with the HTTPS protocol.
 
reply
    Bookmark Topic Watch Topic
  • New Topic