|| Can be bookmarked.
|| Can not be bookmarked.
|BACK button/re-submit behaviour
||GET requests are re-executed but may not be re-submitted to server if the HTML is stored in the browser cache.
|| The browser usually alerts the user that data will need to be re-submitted.
|Encoding type (enctype attribute)
||multipart/form-data or application/x-www-form-urlencoded Use multipart encoding for binary data.
|| can send but the parameter data is limited to what we can stuff into the request line (URL). Safest to use less than 2K of parameters
|| some servers handle up to 64K Can send parameters including uploading files to the server.
|| Easier to hack for script kiddies
|| More difficult to hack.
|Restrictions on form data type
||Yes only ASCII characters allowed.
||No restrictions. Binary data is also allowed.
|| GET is less secure compared to POST because data sent is part of the URL. So it's saved in browser history and server logs in plaintext.
|| POST is a little safer than GET because the parameters are not stored in browser history or in web server logs.
|Restrictions on form data length
|| Yes since form data is in the URL and URL length is restricted. A safe URL length limit is often 2048 characters but varies by browser and web server.
|| GET method should not be used when sending passwords or other sensitive information.
|| POST method used when sending passwords or other sensitive information.
|| GET method is visible to everyone (it will be displayed in the browser's address bar) and has limits on the amount of information to send.
|| POST method variables are not displayed in the URL.
|| Can be cached
|| Not cached