GET vs POST

1132 0

$1*/ mo hosting! Get going with GoDaddy!


GET vs POST
History Parameters remain in browser history because they are part of the URL Parameters are not saved in browser history.
Bookmarked Can be bookmarked. Can not be bookmarked.
BACK button/re-submit behaviour GET requests are re-executed but may not be re-submitted to server if the HTML is stored in the browser cache. The browser usually alerts the user that data will need to be re-submitted.
Encoding type (enctype attribute) application/x-www-form-urlencoded multipart/form-data or application/x-www-form-urlencoded Use multipart encoding for binary data.
Parameters can send but the parameter data is limited to what we can stuff into the request line (URL). Safest to use less than 2K of parameters some servers handle up to 64K Can send parameters including uploading files to the server.
Hacked Easier to hack for script kiddies More difficult to hack.
Restrictions on form data type Yes only ASCII characters allowed. No restrictions. Binary data is also allowed.
Security GET is less secure compared to POST because data sent is part of the URL. So it's saved in browser history and server logs in plaintext. POST is a little safer than GET because the parameters are not stored in browser history or in web server logs.
Restrictions on form data length Yes since form data is in the URL and URL length is restricted. A safe URL length limit is often 2048 characters but varies by browser and web server. No restrictions.
Usability GET method should not be used when sending passwords or other sensitive information. POST method used when sending passwords or other sensitive information.
Visibility GET method is visible to everyone (it will be displayed in the browser's address bar) and has limits on the amount of information to send. POST method variables are not displayed in the URL.
Cached Can be cached Not cached

Comments

comments

In this article

Join the Conversation