what is differance between the get/post method?

what is differance between the get/post method?

hi Guy,
GET and POST methods have a lot of difference.
0- Fundamentaly the GET method is used to retreive information and POST to post new data to severs
1- GET parameters are inside the request URL while POST Parameters are in the <body> section of the input request.
so, get methods parameters are not hidden, and can be limited by browser specs.

2- GET method does not have body section
3- GET is the default method associeted to actions when not explicitly set
4- GET is associated to the doGet() and POST to the doPost() method in GenericServlet.
....

In futher, concernind data caching, GET request can be catched nor the POST.

Just to correct the number 4 point from @elvadas,

the doPost() and doGet() Methods are not part of Genericservlet. They are defined and default implementation is in HttpServlet as GET and POST are Http Specific methods.


Hope this helps.

Refer to this API http://download.oracle.com/javaee/1.3/api/javax/servlet/http/HttpServlet.html

GET method

1. Default method
2. The data passed to servlet is shown up on the Browser URL. So is not secured way to pass data from front end to the servlet
3. Calls the doGet() HTTP Method.
4. It is Idempotent. ie when a user clicks on a link knowingly or unknowingly for a second time, a second request is passed.

POST method

1. The data passed is not part of the Request header, but its part of Request Body. hence data is not shown up in Browser URL and hence secured way of transmitting data from front end to servlets.
2. Calls doPost() HTTP Method.
3. It is non-Idempotent. that is even if you try to pass a number of consecutive requests, only one request is passed to server. Hence can be used when your request is gonna change some database entry.

Ashwin

SCJP | SCWCD | OCA

Ashwin Sridhar wrote:1. Default method

There is no such thing as a "default" method. Unless you mean if you omit the method attribute of an HTML form.

4. It is Idempotent.

It should be idempotent,. Whether it is or not entirely depends upon the actions taken by the server-side code.

and hence secured way of transmitting data from front end to servlets.

Absolutely not. A POST method in no way secures the data. Not at all. Just because data is not visible on the URL does not make it secure!

3. It is non-Idempotent.

Again, it depends upon the actions of the server-side code.

that is even if you try to pass a number of consecutive requests, only one request is passed to server.

This is not correct. Nothing will block any number of subsequent requests.

Bear Bibeault wrote:

Ashwin Sridhar wrote:1. Default method
There is no such thing as a "default" method. Unless you mean if you omit the method attribute of an HTML form.

definitely there is no method by name default. The request is passed by default as GET HTTP method.

4. It is Idempotent
It should be idempotent,. Whether it is or not entirely depends upon the actions taken by the server-side code..
3. It is non-Idempotent
Again, it depends upon the actions of the server-side code..


that is even if you try to pass a number of consecutive requests, only one request is passed to server.

This is not correct. Nothing will block any number of subsequent requests.

Definitely Post method is non-idempotent. No server-side action is required for making POST method non-idempotent.
In a scenario, i need to delete/insert a data in table. Suppose i press the link twice by mistake, in such case the data would be deleted/updated twice in Database.
To prevent it, i use POST method which is Non-idempotent.

and hence secured way of transmitting data from front end to servlets
Absolutely not. A POST method in no way secures the data. Not at all. Just because data is not visible on the URL does not make it secure!.

here we are not speaking about authentication/authorisation/data-integrity/confidentiality security aspects.
By secured i mean, data doesn't show up on url and the data being transmitted is not known to user.

Ashwin Sridhar wrote:To prevent it, i use POST method which is Non-idempotent.

As I said, POST can be non-idenpotent. Whether a POST actual is or not depends upon what the post operation actually does.

By secured i mean, data doesn't show up on url and the data being transmitted is not known to user.

Again, that is in no way secured. Not by a long shot.

When you are Using do Get() method you can pass 4000 characters only there is a limitation.
when you are using do Post() method you can send unlimited data
Example like:Upload Resume

do Get- Idempotent

do Post-non-Idempotent

Idempotent means of you can send multiple request is there is no change in response is called Idempotent

Ashwin Sridhar wrote:
Definitely Post method is non-idempotent. No server-side action is required for making POST method non-idempotent.
In a scenario, i need to delete/insert a data in table. Suppose i press the link twice by mistake, in such case the data would be deleted/updated twice in Database.
To prevent it, i use POST method which is Non-idempotent

The specification (chapter 8.1.2.) says all methods except POST should be itempotent. Which means post is the only HTTP method that the spec allows for non-idempotent requests. That does not by any means mean that the POST method IS non-idempotent, nor does it make any method specified to retain idempotency, idempotent. That is up to the developer. I can easily make an idempotent POST request and a non-idempotent GET request. But the spec says I shouldn't do that.

And if you take "no server-side action", post WILL be idempotent.

using the POST method does not prevent any database integrity errors. Ever. You have to prevent that yourself.