Transferred from WeChat public account WebTechGarden
GET and POST are the two basic methods of HTTP requests. If you want to talk about their differences, anyone who has been exposed to WEB development can tell one or two.
The most intuitive difference is that GET includes parameters in the URL, and POST passes parameters through the request body.
You may have written countless GET and POST requests yourself, or have seen many authoritative websites summarizing their differences, and you know exactly when to use what.
When you face this question in an interview, your heart fills with joy.
You easily gave a "standard answer":
1. GET is harmless when the browser rolls back, and POST will submit the request again.
2. The URL address generated by GET can be Bookmarked, but POST cannot.
3. GET requests will be actively cached by the browser, while POST will not, unless manually set.
4. The parameters of the GET request will be completely saved in the history record, and the POST will not.
5. GET request parameters are placed in the URL, and POST is placed in the request body.
6. GET requests can only be url encoded, while POST requests support multiple encoding methods.
7. For parameter types, GET only accepts ASCII characters, while POST has no restrictions.
8. The parameters passed in the URL of the GET request are limited in length, while the POST does not.
9. GET is less secure than POST, because the parameters are directly exposed in the URL, so sensitive information cannot be passed.
but, this is not the answer we want! ! ! !
Please tell me what I really want....
Would you believe me if I told you that GET and POST are essentially no different?
What are GET and POST?
There are two methods of sending requests in HTTP.
What is HTTP?
HTTP is a communication protocol based on TCP/IP for how data is passed on the World Wide Web.
The bottom layer of HTTP is TCP/IP, so the bottom layer of GET and POST is also TCP/IP, which means that both GET and POST are TCP links. GET and POST can do the same thing. It is technically possible to add request body to GET or url parameter to POST.
In my big world of the world wide web, TCP is like a car, we use TCP to transport data, it is very reliable, and there is never a phenomenon of missing pieces. But if the road is full of cars that look exactly the same, the world looks like a mess, and the car delivering the urgent shipment may be blocked on the road by the car full of goods in front, and the entire transportation system will be paralyzed. To avoid this from happening, the traffic rules HTTP was born. HTTP sets several service categories for car transportation, including GET, POST, PUT, DELETE, etc. HTTP stipulates that when a GET request is executed, the car should be labeled GET (set the method to GET), and the request Put the transmitted data on the roof of the car (in the url) for easy recording. If it is a POST request, put a POST label on the car and put the goods in the car. Of course, you can also secretly hide some cargo in the car during GET, but this is very disgraceful; you can also put some data on the roof of the car during POST, which makes people feel silly. HTTP is just a code of conduct, and TCP is the basis for how GET and POST are implemented.
However, we only see HTTP requirements for the delivery channel (url or request body) of GET and POST parameters. Where does the limit on parameter size in the "standard answer" come from?
在我大万维网世界中,还有另一个重要的角色:运输公司。不同的浏览器(发起http请求)和服务器(接受http请求)就是不同的运输公司。 虽然理论上,你可以在车顶上无限的堆货物(url中无限加参数)。但是运输公司可不傻,装货和卸货也是有很大成本的,他们会限制单次运输量来控制风险,数据量太大对浏览器和服务器都是很大负担。业界不成文的规定是,(大多数)浏览器通常都会限制url长度在2K个字节,而(大多数)服务器最多处理64K大小的url。超过的部分,恕不处理。如果你用GET服务,在request body偷偷藏了数据,不同服务器的处理方式也是不同的,有些服务器会帮你卸货,读出数据,有些服务器直接忽略,所以,虽然GET可以带request body,也不能保证一定能被接收到哦。
好了,现在你知道,GET和POST本质上就是TCP链接,并无差别。但是由于HTTP的规定和浏览器/服务器的限制,导致他们在应用过程中体现出一些不同。
GET和POST还有一个重大区别,简单的说:
GET产生一个TCP数据包;POST产生两个TCP数据包。
长的说:
对于GET方式的请求,浏览器会把http header和data一并发送出去,服务器响应200(返回数据);
而对于POST,浏览器先发送header,服务器响应100 continue,浏览器再发送data,服务器响应200 ok(返回数据)。
也就是说,GET只需要汽车跑一趟就把货送到了,而POST得跑两趟,第一趟,先去和服务器打个招呼“嗨,我等下要送一批货来,你们打开门迎接我”,然后再回头把货送过去。
因为POST需要两步,时间上消耗的要多一点,看起来GET比POST更有效。因此Yahoo团队有推荐用GET替换POST来优化网站性能。但这是一个坑!跳入需谨慎。为什么?
GET与POST都有自己的语义,不能随便混用。
据研究,在网络环境好的情况下,发一次包的时间和发两次包的时间差别基本可以无视。而在网络环境差的情况下,两次包的TCP在验证数据包完整性上,有非常大的优点。
并不是所有浏览器都会在POST中发送两次包,Firefox就只发送一次。