When do you use POST and when do you use GET

Question

From what I can gather  there are three categories    Never use GET and use POST Never use POST and use GET It doesn t matter which one you use    Am I correct in assuming those three cases  If so  what are some examples from each case

User · Answer

From w3schools com      What is HTTP       The Hypertext Transfer Protocol  HTTP  is designed to enable   communications between clients and servers       HTTP works as a request-response protocol between a client and server       A web browser may be the client  and an application on a computer that   hosts a web site may be the server       Example  A client  browser  submits an HTTP request to the server    then the server returns a response to the client  The response   contains status information about the request and may also contain the   requested content       Two HTTP Request Methods  GET and POST      Two commonly used methods for a request-response between a client and   server are  GET and POST       GET     Requests data from a specified resource POST     Submits data to   be processed to a specified resource   Here we distinguish the major differences

User · Answer

The first important thing is the meaning of GET versus POST     GET should be used to    get    some information from the server  while POST should be used to send some information to the server     After that  a couple of things that can be noted     Using GET  your users can use the  back  button in their browser  and they can bookmark pages There is a limit in the size of the parameters you can pass as GET  2KB for some versions of Internet Explorer  if I m not mistaken    the limit is much more for POST  and generally depends on the server s configuration     Anyway  I don t think we could  live  without GET   think of how many URLs you are using with parameters in the query string  every day -- without GET  all those wouldn t work  -

User · Answer

Use GET if you don t mind the request being repeated  That is it doesn t change state    Use POST if the operation does change the system s state

User · Answer

Another difference is that POST generally requires two HTTP operations  whereas GET only requires one   Edit  I should clarify--for common programming patterns  Generally responding to a POST with a straight up HTML web page is a questionable design for a variety of reasons  one of which is the annoying  you must resubmit this form  do you wish to do so   on pressing the back button

User · Answer

In brief   Use GET for safe andidempotent requests Use POST for neither safe nor idempotent requests     In details There is a proper place for each  Even if you don t follow RESTful principles  a lot can be gained from learning about REST and how a resource oriented approach works       A RESTful application will use GETs for operations which are both safe and idempotent     A safe operation is an operation which does not change the data requested    An idempotent operation is one in which the result will be the same no matter how many times you request it    It stands to reason that  as GETs are used for safe operations they are automatically also idempotent  Typically a GET is used for retrieving a resource  a question and its associated answers on stack overflow for example  or collection of resources       A RESTful app will use PUTs for operations which are not safe but idempotent     I know the question was about GET and POST  but I ll return to POST in a second   Typically a PUT is used for editing a resource  editing a question or an answer on stack overflow for example        A POST would be used for any operation which is neither safe or idempotent     Typically a POST would be used to create a new resource for example creating a NEW SO question  though in some designs a PUT would be used for this also     If you run the POST twice you would end up creating TWO new questions      There s also a DELETE operation  but I m guessing I can leave that there      Discussion  In practical terms modern web browsers typically only support GET and POST reliably  you can perform all of these operations via javascript calls  but in terms of entering data in forms and pressing submit you ve generally got the two options   In a RESTful application the POST will often be overriden to provide the PUT and DELETE calls also    But  even if you are not following RESTful principles  it can be useful to think in terms of using GET for retrieving   viewing information and POST for creating   editing  information   You should never use GET for an operation which alters data  If a search engine crawls a link to your evil op  or the client bookmarks it could spell big trouble

User · Answer

Use POST for destructive actions such as creation  I m aware of the irony   editing  and deletion  because you can t hit a POST action in the address bar of your browser  Use GET when it s safe to allow a person to call an action  So a URL like   http   myblog org admin posts delete 357   Should bring you to a confirmation page  rather than simply deleting the item  It s far easier to avoid accidents this way   POST is also more secure than GET  because you aren t sticking information into a URL  And so using GET as the method for an HTML form that collects a password or other sensitive information is not the best idea   One final note  POST can transmit a larger amount of information than GET   POST  has no size restrictions for transmitted data  whilst  GET  is limited to 2048 characters

User · Answer

1 3 Quick Checklist for Choosing HTTP GET or POST Use GET if      The interaction is more like a question  i e   it is a safe operation such as a query  read operation  or lookup    Use POST if      The interaction is more like an order  or     The interaction changes the state of the resource in a way that the user would perceive  e g   a subscription to a service   or     The user be held accountable for the results of the interaction   Source

User · Answer

One practical difference is that browsers and webservers have a limit on the number of characters that can exist in a URL  It s different from application to application  but it s certainly possible to hit it if you ve got textareas in your forms   Another gotcha with GETs - they get indexed by search engines and other automatic systems  Google once had a product that would pre-fetch links on the page you were viewing  so they d be faster to load if you clicked those links  It caused major havoc on sites that had links like delete php id 1 - people lost their entire sites

User · Answer

Short Version  GET  Usually used for submitted search requests  or any request where you want the user to be able to pull up the exact page again   Advantages of GET    URLs can be bookmarked safely  Pages can be reloaded safely    Disadvantages of GET    Variables are passed through url as name-value pairs   Security risk  Limited number of variables that can be passed   Based upon browser  For example  Internet Explorer is limited to 2 048 characters     POST  Used for higher security requests where data may be used to alter a database  or a page that you don t want someone to bookmark    Advantages of POST    Name-value pairs are not displayed in url   Security    1  Unlimited number of name-value pairs can be passed via POST  Reference    Disadvantages of POST    Page that used POST data cannot be bookmark   If you so desired      Longer Version  Directly from the Hypertext Transfer Protocol -- HTTP 1 1      9 3 GET      The GET method means retrieve whatever information  in the form of an entity  is identified by the Request-URI  If the Request-URI refers to a data-producing process  it is the produced data which shall be returned as the entity in the response and not the source text of the process  unless that text happens to be the output of the process        The semantics of the GET method change to a  conditional GET  if the request message includes an If-Modified-Since  If-Unmodified-Since  If-Match  If-None-Match  or If-Range header field  A conditional GET method requests that the entity be transferred only under the circumstances described by the conditional header field s   The conditional GET method is intended to reduce unnecessary network usage by allowing cached entities to be refreshed without requiring multiple requests or transferring data already held by the client        The semantics of the GET method change to a  partial GET  if the request message includes a Range header field  A partial GET requests that only part of the entity be transferred  as described in section 14 35  The partial GET method is intended to reduce unnecessary network usage by allowing partially-retrieved entities to be completed without transferring data already held by the client        The response to a GET request is cacheable if and only if it meets the requirements for HTTP caching described in section 13        See section 15 1 3 for security considerations when used for forms        9 5 POST      The POST method is used to request that the origin server accept the   entity enclosed in the request as a new subordinate of the resource   identified by the Request-URI in the Request-Line  POST is designed   to allow a uniform method to cover the following functions          Annotation of existing resources    Posting a message to a bulletin board  newsgroup  mailing list    or similar group of articles    Providing a block of data  such as the result of submitting a   form  to a data-handling process    Extending a database through an append operation          The actual function performed by the POST method is determined by the   server and is usually dependent on the Request-URI  The posted entity   is subordinate to that URI in the same way that a file is subordinate   to a directory containing it  a news article is subordinate to a   newsgroup to which it is posted  or a record is subordinate to a   database       The action performed by the POST method might not result in a   resource that can be identified by a URI  In this case  either 200    OK  or 204  No Content  is the appropriate response status    depending on whether or not the response includes an entity that   describes the result

User · Answer

There is nothing you can t do per-se  The point is that you re not supposed to modify the server state on an HTTP GET  HTTP proxies assume that since HTTP GET does not modify the state then whether a user invokes HTTP GET one time or 1000 times makes no difference  Using this information they assume it is safe to return a cached version of the first HTTP GET  If you break the HTTP specification you risk breaking HTTP client and proxies in the wild  Don t do it

User · Answer

My general rule of thumb is to use Get when you are making requests to the server that aren t going to alter state   Posts are reserved for requests to the server that alter state

User · Answer

Apart from the length constraints difference in many web browsers  there is also a semantic difference  GETs are supposed to be  safe  in that they are read-only operations that don t change the server state  POSTs will typically change state and will give warnings on resubmission  Search engines  web crawlers may make GETs but should never make POSTs   Use GET if you want to read data without changing state  and use POST if you want to update state on the server

User · Answer

Because GETs are purely URLs  they can be cached by the web browser and may be better used for things like consistently generated images   Set an Expiry time   One example from the gravatar page  http   www gravatar com avatar 4c3be63a4c2f539b013787725dfce802 d monsterid  GET may yeild marginally better performance  some webservers write POST contents to a temporary file before invoking the handler   Another thing to consider is the size limit  GETs are capped by the size of the URL  1024 bytes by the standard  though browsers may support more   Transferring more data than that should use a POST to get better browser compatibility    Even less than that limit is a problem  as another poster wrote  anything in the URL could end up in other parts of the brower s UI  like history

User · Answer

The original intent was that GET was used for getting data back and POST was to be anything   The rule of thumb that I use is that if I m sending anything back to the server  I use POST   If I m just calling an URL to get back data  I use GET

User · Answer

I use POST when I don t want people to see the QueryString or when the QueryString gets large   Also  POST is needed for file uploads   I don t see a problem using GET though  I use it for simple things where it makes sense to keep things on the QueryString   Using GET will allow linking to a particular page possible too where POST would not work

User · Answer

From RFC 2616      9 3 GET    The GET method means retrieve whatever information  in the form of   an entity  is identified by the   Request-URI  If the Request-URI refers   to a data-producing process  it is the   produced data which shall be returned   as the entity in the response and not   the source text of the process  unless   that text happens to be the output of   the process         9 5 POST The POST method is used to request that the origin server   accept the entity enclosed in the   request as a new subordinate of the   resource identified by the Request-URI   in the Request-Line  POST is designed   to allow a uniform method to cover the   following functions           Annotation of existing resources    Posting a message to a bulletin board  newsgroup  mailing list  or   similar group of articles    Providing a block of data  such as the result of submitting a form  to a   data-handling process    Extending a database through an append operation          The actual function performed by the   POST method is determined by the   server and is usually dependent on the   Request-URI  The posted entity is   subordinate to that URI in the same   way that a file is subordinate to a   directory containing it  a news   article is subordinate to a newsgroup   to which it is posted  or a record is   subordinate to a database        The action performed by the POST   method might not result in a resource   that can be identified by a URI  In   this case  either 200  OK  or 204  No   Content  is the appropriate response   status  depending on whether or not   the response includes an entity that   describes the result

User · Answer

Gorgapor  mod rewrite still often utilizes GET  It just allows to translate a friendlier URL into a URL with a GET query string

User · Answer

Simple version of POST GET PUT DELETE   use  GET - when you want to get any resource like List of data based on any Id or Name use POST - when you want to send any data to server  keep in mind POST is heavy weight operation because for updation we should use PUT instead of POST internally POST will create new resource use PUT - when you

User · Answer

Well one major thing is anything you submit over GET is going to be exposed via the URL  Secondly as Ceejayoz says  there is a limit on characters for a URL

User · Answer

HTTP Post data doesn t have a specified limit on the amount of data  where as different browsers have different limits for GET s  The RFC 2068 states      Servers should be cautious about   depending on URI lengths above 255   bytes  because some older client or   proxy implementations may not properly   support these lengths   Specifically you should the right HTTP constructs for what they re used for  HTTP GET s shouldn t have side-effects and can be safely refreshed and stored by HTTP Proxies  etc   HTTP POST s are used when you want to submit data against a url resource   A typical example for using HTTP GET is on a Search  i e  Search Query my query A typical example for using a HTTP POST is submitting feedback to an online form

User · Answer

Read the article about HTTP in the Wikipedia  It will explain what the protocol is and what it does      GET        Requests a representation of the specified resource  Note that GET should not be used for operations that cause side-effects  such as using it for taking actions in web applications  One reason for this is that GET may be used arbitrarily by robots or crawlers  which should not need to consider the side effects that a request should cause     and      POST   Submits data to be processed  e g   from an HTML form  to the identified resource  The data is included in the body of the request  This may result in the creation of a new resource or the updates of existing resources or both    The W3C has a document named URIs  Addressability  and the use of HTTP GET and POST that explains when to use what  Citing      1 3 Quick Checklist for Choosing HTTP GET or POST         Use GET if          The interaction is more like a question  i e   it is a    safe operation such as a query  read operation  or lookup           and        Use POST if          The interaction is more like an order  or   The interaction changes the state of the resource in a way that the user would perceive  e g   a subscription to a service   or     o The user be held accountable for the results of the interaction             However  before the final decision to use HTTP GET or POST  please also consider considerations for sensitive data and practical considerations    A practial example would be whenever you submit an HTML form  You specify either post or get for the form action  PHP will populate   GET and   POST accordingly

User · Answer

Use GET when you want the URL to reflect the state of the page  This is useful for viewing dynamically generated pages  such as those seen here  A POST should be used in a form to submit data  like when I click the  Post Your Answer  button  It also produces a cleaner URL since it doesn t generate a parameter string after the path

User · Answer

POST can move large data while GET cannot   But generally it s not about a shortcomming of GET  rather a convention if you want your website webapp to be behaving nicely   Have a look at http   www w3 org 2001 tag doc whenToUseGet html

User · Answer

In PHP  POST data limit is usually set by your php ini  GET is limited by server browser settings I believe - usually around 255 bytes

User · Answer

i dont see a problem using get though  i use it for simple things where it makes sense to keep things on the query string    Using it to update state - like a GET of delete php id 5 to delete a page - is very risky   People found that out when Google s web accelerator started prefetching URLs on pages - it hit all the  delete  links and wiped out peoples  data   Same thing can happen with search engine spiders

User · Answer

This traverses into the concept of REST and how the web was kinda intended on being used   There is an excellent podcast on Software Engineering radio that gives an in depth talk about the use of Get and Post   Get is used to pull data from the server  where an update action shouldn t be needed   The idea being is that you should be able to use the same GET request over and over and have the same information returned   The URL has the get information in the query string  because it was meant to be able to be easily sent to other systems and people like a address on where to find something     Post is supposed to be used  at least by the REST architecture which the web is kinda based on  for pushing information to the server telling the server to perform an action   Examples like  Update this data  Create this record

User · Answer

As answered by others  there s a limit on url size with get  and files can be submitted with post only   I d like to add that one can add things to a database with a get and perform actions with a post   When a script receives a post or a get  it can do whatever the author wants it to do   I believe the lack of understanding comes from the wording the book chose or how you read it   A script author should use posts to change the database and use get only for retrieval of information     Scripting languages provided many means with which to access the request   For example  PHP allows the use of   REQUEST to retrieve either a post or a get   One should avoid this in favor of the more specific   GET or   POST   In web programming  there s a lot more room for interpretation   There s what one should and what one can do  but which one is better is often up for debate   Luckily  in this case  there is no ambiguity   You should use posts to change data  and you should use get to retrieve information

[http-post] When do you use POST and when do you use GET?

Examples related to http-post

Examples related to http-get