get and post http request of difference
preface:
we are now the degree of your mother a bit, check the most difference, probably:
"Get the parameters in the URL to write, Post request body to pass through the Senate."
"GET POST is not safe, because the parameters are displayed directly on Get URL"
"Get request parameters transmitted in the URL is limited length, and is no POST"
However, the truth is that right? ! ! ! There is always only one truth! ! !
Earlier analysis first wave:
How to GET and POST data transfer does not matter? ?
GET and POST are defined by the HTTP protocol. So which way and how the application layer data transmission is no relationship. Thus, HTTP there is no requirement, POST requests must be placed inside the body, GET on the URL must be placed inside.
In the HTML standard, it is has a similar definition. But this is only HTML standard convention for use of the HTTP protocol. That is the norm that no distinction.
Well, this statement come from it? Because there achieve a variety of browsers and other software, it becomes a phenomenon as we know, GET use the URL parameter passing, POST with a body mass participation.
HTTP protocol has no restrictions on the length of the GET and POST? ?
Clear that the HTTP protocol, HTTP request header and the body of the request requires no length.
As for the restrictions on the length of the URL, there are two aspects of the causes:
1. browser. IE URL is said to be limited to a length of 2048 characters. But as far as I know, firefox length is more than 10W support.
2. Server. Long server processing the URL itself is a burden, not to mention from malicious attack? Therefore, most server for security, stability and other aspects to consider, give URL length restrictions.
But this restriction is a request for all HTTP, the GET, POST does not matter.
Safe and unsafe GET, POST has no relationship? ?
The problem, first you have to confirm the object-oriented.
for example:
1. You want to see my mom and dad this URL, you feel safe?
2. You are now just started to make a primary function test engineers to test this link, you feel safe?
3. You now want to look at security test engineer get request, you feel safe?
So, defined for different groups of people, the security will be different.
"If you are willing to peel layer by layer, a layer of my heart, you will find that you will be surprised, you are my most depressing deepest secrets."
After the Get and Post peel, their essence is the TCP link, and non-discriminatory.
But due to the limitations of the provisions of HTTP and the browser / server, causing them to reflect some differences in the application process.
So in the end the truth of what is it?
Get generates a TCP packet; Post generating two TCP packets.
For the GET request, the browser will http header and data sent together, the server response 200 (return data);
For POST, the browser transmits the first header, the server response 100 (continue), and then transmits data, in response to the server 200 (return data);