I. Introduction
Today, some research HTTP
protocol, the GET
method and POST
the difference method. A study found, GET
and POST
totally not like me to learn Web
to understand the development is so, their relationship completely changed my previous understanding. This blog I came to talk about two levels GET
with POST
a difference - the browser level and message level.
Second, the text
The difference between the level of 2.1 browser
GET
And POST
the difference method in the browser level most people more or less know something, it mainly includes the following aspects:
Through the above distinction, we summarized in the following two points:
- The GET : It is used to request to server resources, so there is no side effects, and it is idempotent, can be cached;
- The POST : used to modify the data request to the server, so there are side effects, it is non-idempotent, it can not be cached;
HTTP
Idempotent: Each request will produce the same side effects.
GET
Is idempotent, because it is only requested resources, it will not have an impact on the server, that is, no side effects, it is idempotent; andPOST
requests are not idempotent, because it modifies the data, each request will cause side effects again.
These differences listed above, some are actually causally related, such as POST
to modify the data request to the server, so every time POST
a request to modify the data will, in theory, to the server, and as such, only these few:
- Need to re-submit data refresh to get the latest resources;
- Non-cacheable, because the
POST
request will modify the resources, so the old cache resources does not make sense;
The browser will GET
request the data into URL
, whereas POST
the requested data into the body
middle, so only a few below:
POST
Request more secure becauseGET
the request data directly into the URL, the user can see directly, butPOST
the data intobody
the user can not directly visible;GET
Only the requested dataASCII
character, because the dataURL
inURL
only allows ASCII characters, andPOST
data intobody
, thebody
allowed binary data;
However, these differences are browsers and Web
servers to follow HTTP
, not the implementation of the agreement GET
and POST
the essential difference between, let's analyze the packet level GET
and POST
different.
2.2 packet-level difference
Here I give a direct conclusion: GET and POST method is essentially not much different, only packets of different formats as well as the method name . Whether GET
a method or POST
message method, is HTTP
the message, and HTTP
is based on TCP/IP
doing data transmission, that is, at the transport layer, packet transmission of the two methods is not any difference. In the agreement, the GET
data is placed in the method URL
, and POST
packet data is placed body
is the difference in format, but this is not absolute.
2.3 depth understanding of the difference between them
Below I will explain the nature of the above mentioned level to make a difference in interpretation:
(1) GET method is used to request resources from the server, and the POST method request to modify the data server
This is the HTTP
norm in these two methods convention, but merely agreed, not mandatory. In other words, we can through the GET
method of requesting a server to modify data, and by POST
request to the server resource method. For many Web
beginners developed, we should have done similar things, such as making use Servlet
or SpringMVC
do Web
develop, mix GET
with POST
. So, for this one difference, it is not certain.
(2) GET method data is placed URL, rather POST into body
This is also the HTTP
norm these two methods convention message, and the browser when you create the request message is implemented in accordance with this convention, nothing more. That is to say, for the GET
request, we can also put data body
in, and for POST
the data, we can put URL
in. We violation of this agreement, the message can still normal transmission, as long as the implementation supports server, you can normally get the data.
Data (3) GET method with a transmission limit (length and type), whereas no POST
As we have said, GET
the method can only send ASCII
character data, and the length of the data is limited, but POST
you can send binary data, and there is no length limit. First, the data type, it is not a GET
method of transmitting only ASCII
character data, but URL
can only into character data, and the GET
data is placed in the method URL
, naturally only be URL
limited. If we in the GET
message body
placed data, still able to put binary data. Come talk about the length of the data, HTTP
the specification does not limit URL
the length of the true limit URL
the length of the browser, the browser in order to facilitate the processing of data, as well as security considerations, on the URL
length of the limit. However, the HTTP
specification does not limit the URL
length, we can by way of writing code to create a very, very long containing URL
the HTTP
message is normally transmitted.
(4) POST method is more secure than the GET method
The basis for this argument is that the browser does not put POST
the data into URL
the user can not directly see, it is considered POST
more secure. However, the process of data transmission, GET
and POST
transmission of packets is no difference, is through the TCP
transmission connection. As long as we pass the packet capture software to crawl the HTTP
message, in fact, they carry the data are directly visible, there is no security at all. So, strictly speaking, GET
and POST
the security is not much difference. If you want security, you should use HTTPS
.
(5) POST request sends two TCP packets
Internet is also circulating Another difference between them, that the browser will POST
request header
and body
separately transmitted, generating two TCP
segments, the first transmission header
, the server receives the response status code 100
after the re-transmission body
portion. However, the HTTP
specification does not clearly illustrate this point, but also in the actual test, this did not happen. It is considered that this is only self-realization in some browsers, not POST
necessarily behavior.
Third, the summary
We're talking about GET
and POST
when the difference should be as above, Points of discussion. In the browser level, there are many differences between them, some are HTTP
standard convention, but it is still self-realization and most browsers; and In essence, there is not much difference between the two kinds.