What exactly is GET and what is POST? Required courses for front-end programmers

Preface
http basics
Introduction to GET and POST
GET vs. POST: Parameter passing
Safety and idempotence
scenes to be used

Preface

On the Internet stage between the browser and the server, GET and POST are like two legendary characters, each playing an important role. Their battleground is HTTP, and this battle is related to the speed of web pages, user experience, etc., and has far-reaching consequences.

This blog will lead you into the duel between GET and POST. Just like the two protagonists in a classic movie, they each have their own strengths and characteristics. Let’s demystify this HTTP war and find out.

http basics

HTTP (Hypertext Transfer Protocol) is a protocol used for data communication on the Web. It is a client-server protocol, the client sends a request and the server returns a response. The following are the basic concepts of HTTP:

1. Request:

Request Method: defines the operation type of the request. Common ones include GET (obtaining resources), POST (submitting data), PUT (updating resources), and DELETE. (Delete resources) etc.
URL (Uniform Resource Locator): represents the target resource of the request. Including protocol (http or https), host name, port number, path, etc.
Request Headers: Contains additional information about the request, such as user agent, accepted data types, etc.
Request Body: In some requests, such as POST requests, data can be sent to the server through the request body.

2. Response:

Status Code: The server's processing result of the request. Common ones are 200 OK (success), 404 Not Found (resource not found), 500 Internal Server Error (Server internal error) etc.
Response Headers: Contains some meta-information of the response, such as server type, date, content type, etc.
Response Body: Contains the actual response data, such as HTML page, JSON data, etc.

3. Communication method between client and server:

Establishing Connection: The client establishes a TCP connection with the server (default port 80), or establishes an encrypted connection through the secure HTTPS protocol (default port 443).
Sending Request: The client sends an HTTP request to the server, including the request line, request header and request body.
Processing Request: After the server receives the request, it processes it according to the content of the request.
Sending Response: The server sends an HTTP response to the client, including status line, response header and response body.
Closing Connection: After an HTTP interaction is completed, the client or server can choose to close the connection or keep the connection for subsequent requests.

4. HTTP version:

HTTP/1.0: Initially, a new connection was established for each request/response.
HTTP/1.1: The currently widely used version supports persistent connections and can send multiple requests and responses on the same connection.
HTTP/2: introduces new features such as multiplexing to improve performance.
HTTP/3: A new version based on the UDP protocol designed to improve speed and performance.

These basic concepts form the core of the HTTP protocol, and understanding them is critical to web development and network communications.

Introduction to GET and POST

GET and POST are two common request methods in the HTTP protocol, used to request or submit data to the server.

1. GET request:

Definition: The GET request is used to obtain resources from the server, usually for data reading operations. It is an idempotent operation and will not produce different effects if executed multiple times.

Features:

Parameter passing method: The parameters are appended to the query string of the URL. The URL and parameters are separated by a question mark (?), and the ampersand (&) is used between multiple parameters. Separate.
```
GET /path/resource?param1=value1&param2=value2 HTTP/1.1
```
Visibility: Because the parameter is visible in the URL, it is not suitable for transmitting sensitive information such as passwords.
Cache: can be cached by the browser, suitable for data that is frequently read but rarely changed.
Length limit: Since the parameters are appended to the URL, there is a limit on the length of the URL, which is not suitable for transmitting large amounts of data.

2. POST request:

Definition: POST request is used to submit data to the server, usually for data creation, update or deletion operations. It is not idempotent and executing it multiple times may produce different effects.

Features:

Parameter passing method: The parameters are placed in the request body, not in the URL. Suitable for transferring larger or sensitive data.
```
POST /path/resource HTTP/1.1
Content-Type: application/x-www-form-urlencoded

param1=value1&param2=value2
```
Visibility: Because the parameters are in the request body, compared to the GET request, the data in the POST request is invisible to the user and is more suitable for transmitting sensitive information.
Cache: Generally, it will not be cached by the browser, but caching can be achieved through special settings.
Length limit: Since the parameters are in the request body, larger data can theoretically be transmitted without being restricted by URL length.

3. Summary of differences:

GET is used to obtain resources, while POST is used to submit data.
GET parameters are appended to the URL, and POST parameters are placed in the request body.
GET is suitable for transmitting small amounts of data, while POST is suitable for transmitting large amounts or sensitive data.
GET can be cached by browsers, while POST is not cached by browsers by default.
GET is idempotent, and multiple executions have the same effect, while POST is not idempotent, and multiple executions may produce different effects.

In actual applications, choosing GET or POST depends on specific needs and business scenarios. GET is used to read data, while POST is used for operations such as submitting form data or uploading files.

GET vs. POST: Parameter passing

In HTTP, GET and POST are two common request methods, and they have some important differences in parameter passing.

1. Parameter passing of GET request:

Position: The parameters of a GET request are usually appended to the query string of the URL.
```
GET /path/resource?param1=value1&param2=value2 HTTP/1.1
```
Visibility: The parameter is visible in the URL and is therefore not suitable for transmitting sensitive information.
Restrictions: Due to the limitation of URL length, GET request has certain restrictions on the size of parameters and is not suitable for transmitting large amounts of data.
Writing format: Use the ampersand (&) to separate parameters, and use the equal sign (=) to connect key-value pairs.

2. Parameter transfer of POST request:

Position: The parameters of the POST request are placed in the request body.

POST /path/resource HTTP/1.1
Content-Type: application/x-www-form-urlencoded

param1=value1&param2=value2

Visibility: Because the parameters are in the request body, compared to the GET request, the data in the POST request is invisible to the user and is more suitable for transmitting sensitive information.
Limitations: Since the parameters are in the request body, larger data can theoretically be transmitted without being restricted by URL length.
Writing format: Parameters are also separated by an ampersand (&), and key-value pairs are connected by an equal sign (=), but are no longer appended to the URL.

3. Choose GET or POST:

GET applicable scenarios:
- Used to read data, such as page views.
- The parameters are small and do not contain sensitive information.
- Idempotent operations, i.e. multiple executions will not produce different results.
POST applicable scenarios:
- Used to submit data, such as form submission.
- The parameters are large and may contain sensitive information.
- Non-idempotent operations, i.e. multiple executions may produce different results.

4. Supplementary instructions:

Form submission: HTML forms usually use the POST method to submit data so that more data can be transmitted without being limited by URL length.
File upload: Since files are usually large, POST requests are generally used when uploading files.
Security considerations: For operations that contain sensitive information, it is recommended to use POST requests, because the parameters of POST requests are in the request body and are more secure than GET requests.

Overall, GET and POST each have their own advantages, and the choice depends on specific business needs and security considerations. In actual applications, developers need to choose the appropriate request method and parameter transfer method according to the scenario.

Safety and idempotence

Safety:

Security of GET requests:

The GET request is considered safe because it is typically used to read resources without materially affecting the data on the server.
GET requests should not cause changes in server status, and should not modify, add, delete, etc. data.
The concept of security states that multiple GET requests for the same resource should produce the same result without changing the state of the resource.

Security of POST requests:

POST requests are generally considered unsafe because they are used to submit data to the server, which may result in modification, addition, or deletion of data on the server.
POST requests may cause changes in server status and are therefore not secure.
The concept of security suggests that multiple POST requests for the same resource may produce different results because it can cause changes in server state.

Idempotence:

Idempotence of GET requests:

GET requests are idempotent, that is, multiple GET requests for the same resource should produce the same result without changing the state of the resource.
The idempotence feature prevents repeated execution of GET requests from having additional impact.

Idempotence of POST requests:

POST requests are generally not idempotent, i.e. multiple POST requests for the same resource may produce different results, as it may cause changes in server state.
The concept of idempotence states that repeated POST requests for the same resource may result in the same operation multiple times rather than a single operation.

Practical impact:

Caching: GET requests can be cached by browsers because they are idempotent, while POST requests are not cached by browsers by default.
Browser history: Because the GET request is idempotent, it has no adverse effect on the browser history, whereas the POST request may cause some questions.
Network retries: Idempotence is very important for network retries. If a request is idempotent, then after a network failure the request can be safely retried without causing inconsistent results. GET is idempotent, while POST usually is not.
Bookmarks and links: Due to the security of GET requests, it is more suitable for generating bookmarks and creating links in pages.

When designing and using web applications, it is important to understand and consider these concepts of safety and idempotence to ensure the consistency, reliability, and security of the system. The characteristics of different HTTP methods in these aspects affect their selection and use in specific scenarios.

scenes to be used

1. Scenarios using GET:

a. Get data:

Example: Request an article details page.
Reason: GET is suitable for obtaining data because it is idempotent and will not affect the server status.

b. Query parameters:

Example: Submit a query in a search engine.
Reason: The parameters of the GET request are passed through the URL, which is suitable for passing query parameters and can be saved by bookmarks.

c. Page navigation:

Example: Jump to other pages.
Reason: Using GET can make use of the browser's cache and history, which is beneficial to the user experience.

d. Static resource request:

Example: Request static resources such as images, style sheets, and JavaScript.
Reason: GET requests are browser cache-friendly and can improve performance.

2. Scenarios using POST:

a. Submit form data:

Example: User registration and login.
Reason: POST request is suitable for submitting form data containing sensitive information, because the data is in the request body and will not be visible in the URL.

b. File upload:

Example: Upload a user avatar or other file.
Reason: POST request supports passing a large amount of data in the request body, which is suitable for uploading files.

c. Data update:

Example: Modify user profile.
Reason: POST requests are used to modify, add or delete data and are idempotent.

d. Safe operation:

Example: Change user password.
Reason: Because POST requests will not be cached by the browser, they are more suitable for performing security-sensitive operations.

3. Best Practices and Principles:

a. Avoid passing sensitive information in GET requests:

Do not include sensitive information in the URL, as the URL may be recorded by browsers, server logs, etc.

b. Use the appropriate HTTP method:

Follow RESTful design principles, use GET to read resources, and use POST to modify resources.

c. Utilize caching:

For data that changes infrequently, use GET requests and configure appropriate cache headers to improve performance.

d. Consider idempotence:

If the operation is idempotent, give priority to GET requests to reduce unnecessary state changes.

e. Consider security:

For operations involving user privacy and sensitive information, use POST requests and use the HTTPS protocol to encrypt communications.

f. Select according to business needs:

According to specific business scenarios and needs, choosing GET or POST can better meet functional requirements.

In actual development, it is crucial to choose the appropriate request method based on specific business needs, security considerations, performance requirements, and the characteristics of the HTTP method. Considering various factors, GET or POST can be reasonably selected according to the specific situation.