• Post Reply Bookmark Topic Watch Topic
  • New Topic

use of doGet()

 
Reshma Reddy
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi all,

I want to know what is the use of doGet(), where as doPost() is secure and providing many more features compare to doGet(). why the java people not deprecated this method is there any specific reason, and I saw doGet is idempotent what is mean by idempotent.

can any one tell me what is the exact use of this method.


regards,
vardhan
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65530
108
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
"goGet()"? Please take better care when posting.
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65530
108
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
vardhan reddy wrote:I want to know what is the use of doGet()

To support the HTTP GET method.

where as doPost() is secure

POSTs are no more "secure" than GETs.

and providing many more features compare to doGet().

Features? There are no extra "features". Both methods are simply passed the request and response and can do whatever they like with them.

why the java people not deprecated this method

It seems that you are confusing the Servlet specification with HTTP. The Servlet spec is there to support HTTP -- it can't just make up rules of its own.

Both GET and POST have important roles in HTTP -- it's rather ridiculous to suggest that HTTP needs to be changed.

"idempotent" in this respect simply means that the server state is unchanged by the request. A GET is expected to have no side effects, while a POST can change server state.


 
Reshma Reddy
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi bear,

what ever data will send to server using post is in the body, where as in get it is in url it is visible right as this is not secure and more over what ever get is doing we can do by using post, so as my questions is why we need two methods.
Both GET and POST have important roles in HTTP --


can you tell me that roles...

 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65530
108
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
vardhan reddy wrote:what ever data will send to server using post is in the body, where as in get it is in url it is visible right as this is not secure

Merely tucking the data in the body as opposed to the URL is no level of security whatsoever.

can you tell me that roles...

This really has nothing to do with Servlets, so I've moved this over to the Protocols forum.

There's tons of information on HTTP available on the net... I don't really need to repeat it here.

But I will give you one question to ponder: if GET were to disappear what would be the ramifications for bookmarking? Think of the concept of idempotency with respect to this.
 
Rob Spoor
Sheriff
Posts: 20822
68
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Whenever you simply enter a URL in a browser, the browser sends a GET request to the server. This also occurs when you click on a hyper link. If you do not have a proper implementation of doGet(), then regular browsing is not possible. If you're lazy, simply call doPost(request, response).

Because GET is used when you enter a URL or active a hyper link, it is very useful for passing parameters without the need of a form; anything that appears after the ? in a URL is the query string, and it forms the parameters. The only advantage POST as an HTTP method has is that the parameters are not sent as part of the URL. This does form a very little bit of security (you can't see the parameters in the address bar), but more importantly you can use as many parameters as you want. With GET, the browser is usually limited in the URL length, and if you add too many parameters the browser will simply refuse the URL. I've seen this happen with Internet Explorer 6 quite regularly.

Although I mentioned that POST provides a little bit of security, it is not secure at all. The only security is in hiding the parameters in the browser, but they are still sent plain-text across the Internet and can be intercepted by anyone. To prevent this, use POST in combination with the HTTPS protocol.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!