Reprinted from http://www.techweb.com.cn/network/system/2016-10-11/2407736.shtml
GET and POST are two basic methods of HTTP request. To say the difference, anyone who has contacted with WEB development can tell one or two.
The most intuitive difference is that GET includes the parameters in the URL, and POST passes the parameters through the request body.
You may have written countless GET and POST requests yourself, or have seen the difference between them summarized by many authoritative websites. You know exactly when to use.
When you are asked this question during an interview, your heart is full of confidence and joy.
You easily gave a "standard answer":
GET is harmless when the browser rolls back, and POST will submit the request again. The URL address generated by GET can be Bookmark, but POST cannot. GET requests will be actively cached by the browser, but POST will not, unless manually set. GET requests can only be URL encoded, while POST supports multiple encoding methods. The GET request parameters will be completely retained in the browser history, while the parameters in POST will not be retained. The parameters transmitted by the GET request in the URL are limited in length, but there is no POST. For the data type of the parameter, GET only accepts ASCII characters, and POST has no restrictions. GET is more insecure than POST, because the parameters are directly exposed on the URL, so it cannot be used to transfer sensitive information. GET parameters are passed through the URL, and POST is placed in the Request body."Unfortunately, this is not the answer we want!"
Please tell me the truth. . .
If I tell you that GET and POST are essentially the same, do you believe it?
Let's take off the coats of GET and POST and meet frankly!
What are GET and POST? Two methods of sending requests in the HTTP protocol.
What is HTTP? HTTP is a protocol based on TCP / IP on how data communicates in the World Wide Web.
The bottom layer of HTTP is TCP / IP. So the bottom layer of GET and POST is also TCP / IP, that is to say, GET / POST are both TCP links. GET and POST can do the same thing. You need to add request body to GET and bring url parameter to POST, which is completely technically feasible.
So, what are the differences in the "standard answers"?
In my world of the World Wide Web, TCP is like a car. We use TCP to transport data. It is very reliable, and there will never be a phenomenon of missing or missing parts. But if all the cars running on the road look exactly the same, then the world looks like a mess. The cars sending urgent items may be blocked on the road by the cars full of goods in front, and the entire transportation system will be paralyzed. To prevent this from happening, traffic rules HTTP was born. HTTP sets several service categories for automobile transportation, including GET, POST, PUT, DELETE, etc. HTTP stipulates that when performing a GET request, the car should be labeled with GET (set method to GET), and require Put the transmitted data on the roof of the car (in the url) for easy recording. If it is a POST request, put the POST label on the car and put the goods in the compartment. Of course, you can also secretly hide some goods in the car during GET, but this is very disgraceful; you can also put some data on the roof of the car during POST, which makes people feel stupid. HTTP is just a code of conduct, and TCP is the basis of how GET and POST are implemented.
However, we only see HTTP requests for the transmission channel (url or requrest body) of GET and POST parameters. Where does the limit on the parameter size in the "standard answer" come from?
在我大万维网世界中,还有另一个重要的角色:运输公司。不同的浏览器(发起http请求)和服务器(接受http请求)就是不同的运输公司。 虽然理论上,你可以在车顶上无限的堆货物(url中无限加参数)。但是运输公司可不傻,装货和卸货也是有很大成本的,他们会限制单次运输量来控制风险,数据量太大对浏览器和服务器都是很大负担。业界不成文的规定是,(大多数)浏览器通常都会限制url长度在2K个字节,而(大多数)服务器最多处理64K大小的url。超过的部分,恕不处理。如果你用GET服务,在request body偷偷藏了数据,不同服务器的处理方式也是不同的,有些服务器会帮你卸货,读出数据,有些服务器直接忽略,所以,虽然GET可以带request body,也不能保证一定能被接收到哦。
好了,现在你知道,GET和POST本质上就是TCP链接,并无差别。但是由于HTTP的规定和浏览器/服务器的限制,导致他们在应用过程中体现出一些不同。
你以为本文就这么结束了?
我们的大BOSS还等着出场呢。。。
这位BOSS有多神秘?当你试图在网上找“GET和POST的区别”的时候,那些你会看到的搜索结果里,从没有提到他。他究竟是什么呢。。。
GET和POST还有一个重大区别,简单的说:
GET产生一个TCP数据包;POST产生两个TCP数据包。
长的说:
对于GET方式的请求,浏览器会把http header和data一并发送出去,服务器响应200(返回数据);
而对于POST,浏览器先发送header,服务器响应100 continue,浏览器再发送data,服务器响应200 ok(返回数据)。
也就是说,GET只需要汽车跑一趟就把货送到了,而POST得跑两趟,第一趟,先去和服务器打个招呼“嗨,我等下要送一批货来,你们打开门迎接我”,然后再回头把货送过去。
因为POST需要两步,时间上消耗的要多一点,看起来GET比POST更有效。因此Yahoo团队有推荐用GET替换POST来优化网站性能。但这是一个坑!跳入需谨慎。为什么?
1. GET与POST都有自己的语义,不能随便混用。
2. 据研究,在网络环境好的情况下,发一次包的时间和发两次包的时间差别基本可以无视。而在网络环境差的情况下,两次包的TCP在验证数据包完整性上,有非常大的优点。
3. 并不是所有浏览器都会在POST中发送两次包,Firefox就只发送一次。
现在,当面试官再问你“GET与POST的区别”的时候,你的内心是不是这样的?
