• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Diff between GET and POST in HTTPREQUEST

 
Ramaswamy Narayanan O.B
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
what is the main difference between GET and POST method? And when one refreshes or reloades a page , does the methods (GET and POST ) behave differently if so how?
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65335
97
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
With respect to servlets, that very much depends upon how the servlets are written. They can do very distinct operations, or they can do the exact same operation.

Or are you asking how the browsers handle the different HTTP methods?
 
Muthukrishnan Manoharan
Ranch Hand
Posts: 91
Eclipse IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
GET basically appends your form data to the URL as query string. Hence it is not secure as your form data is visible (especially when you have a password field)

POST (unlike GET) doesnt append the value to the URL; instead the form values and request parameters are sent via the message body. SO POST is secure.

GET should be used when the form processing is idempotent (as per specs) i.e. just getting the values. whereas POST may involve anything like updating or storing data.

And GET has some size limitation of sending data when compared with POST.

 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65335
97
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
While much of the previous post is accurate, the assertion that POST is secure is not. POST is most definitely not secure. Even though the parameter data is not passed on the URL, it is passed as clear text in the request body and is no more secure than passing that same data on the URL.
 
Muthukrishnan Manoharan
Ranch Hand
Posts: 91
Eclipse IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Bear Bibeault

I would like to know if there can be any other way of passing the sensitive form data to the server without exposing them in the message body or URL. HTTPS specification is the only alternative to this?
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 65335
97
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Encryption is the only way for the data to be truly secure, and SSL is the most often used.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic