Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

scwcd study kit question???

 
taash mg
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HI,
i am a little confused about this question in the SCWCD study kit..
Question---

i don't get it. can't a form i submit have method as GET???
please throw some light??
Thanks
 
Hema Menon
Ranch Hand
Posts: 569
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
GET request sends form content as a part of the html request,
whereas POST would include the content in the message header. Don't you think it is a more secure/preferrable way to send the form data?
[ August 13, 2002: Message edited by: Menon Hema ]
 
Barry Gaunt
Ranch Hand
Posts: 7729
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just a question because I'm too lazy to look it up right now:
If you use POST to send form data, is the data really hidden,
that is scrambled/encrypted/compressed when it is placed in the HTTP header?
Or is it still in plain text as it gets sent over to the servlet?
-Barry
[ August 13, 2002: Message edited by: Barry Gaunt ]
 
Raj Paul
Ranch Hand
Posts: 77
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi
i think both answers are wrong..because by not providing POST/GET they are allowing to access the report through the other one.
So i think there shouldn't be the <http-method> entry or there should be two entries.
Thanks & Regards
Mike Kumar
 
taash mg
Ranch Hand
Posts: 106
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
GET request sends data as part of the query string ,hence i understand that logically it is not good to use get here,but what i don't understand is why are they saying that submission of a form means it should be a POST request or no http-method at all, it can be any of the two i think...
 
Tracy Woo
Ranch Hand
Posts: 113
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Technically, a FORM can be submitted using GET as well as POST. So that way 'a' should be correct too. If you don't specify any http method, then the constraint applies to all the methods [GET, POST, HEAD, etc.]. So you can have any of : GET, POST or nothing in the http-method.
I *guess*, the reason they've given a as not correct is practically, POST is used to submit a FORM.
 
Tracy Woo
Ranch Hand
Posts: 113
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Mike Kumar:
Hi
i think both answers are wrong..because by not providing POST/GET they are allowing to access the report through the other one.
So i think there shouldn't be the <http-method> entry or there should be two entries.
Thanks & Regards
Mike Kumar

I think your are right. If you specify GET, anybody can access it through POST and vice versa. So it really depends on how the servlet is coded. If the logic is coded in the doPost() method, then it does not matter if somebody tries to access it using GET becasue the servlet won't do anything the doGet(). I think that info should be given in the question.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic