get vs. post: a detailed explanation
Blogs20112011-07-11
Here is a a detailed explanation about HTTP get vs post:
| Â | Get | Post |
|---|---|---|
| Visibility: | GET method is visible to everyone (it will be displayed in the browser’s address bar) and has limits on the amount of information to send. | POST method variables are not displayed in the URL. |
| Usability: | GET method should not be used when sending passwords or other sensitive information. | POST method used when sending passwords or other sensitive information. |
| Restrictions on form data length: | Yes, since form data is in the URL and URL length is restricted | No restrictions |
| Security: | GET is less secure compared to POST because data sent is part of the URL. So it’s saved in browser history and server logs in plaintext. | POST is a little safer than GET because the parameters are not stored in browser history or in web server logs. |
| Restrictions on form data type: | Yes, only ASCII characters allowed. | No restrictions. Binary data is also allowed. |
| Hacked: | Easier to hack for script kiddies | More difficult to hack |
| Parameters: | can send but the parameter data is limited to what we can stuff into the request line (URL). | Can send parameters, including uploading files, to the server. |
| Bookmarked: | Can be bookmarked. | Can not bookmarked. |
| Encoding type (enctype attribute): | application/x-www-form-urlencoded | multipart/form-data or application/x-www-form-urlencoded |
| BACK button/re-submit behaviour: | GET requests are re-executed. | The browser usually alerts the user that data will need to be re-submitted. |
| History: | Parameters remain in browser history because they are part of the URL | Parameters are not saved in browser history. |
| Large variable values: | 2000 character maximum size. | 8 Mb max size for the POST method. |
| Cached: | Can be cached | Not cached |