Hardware and software Environment
- Windows 10 64bit
- Anaconda3 with python 3.7
- PyCharm 2019.3
- Flask 1.1.1
The GET and POST
HTTP profile
HTTP stands for HyperText Transfer Protocol, which is the basis for data Transfer over the Internet. In the Flask framework, HTTP methods for data interaction are also provided.
HTTP method
The following table describes the common HTTP request methods
HTTP method | describe |
---|---|
GET | Requesting a specified resource is considered an insecure method |
POST | Data is submitted to the server for processing, such as form submission, file upload |
HEAD | Like the GET method, but the server does not send back the response body and is often used to check server performance |
PUT | Upload content to the server |
DELETE | The request server deletes the requested URI |
Flask handles GET and POST
In the real world, GET and POST are the most commonly used methods. In Flask, HTTP methods can be specified in the route method of the Flask object, which defaults to GET if not written. To process POST requests on the server side, let’s first create a form to get user input. View instance
Index. HTML file contents
<! DOCTYPEhtml>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>GET and POST</title>
</head>
<body>
<form action = "http://localhost:5000" method = "post">
<table>
<tr>
<td>Name</td>
<td><input type ="text" name ="username"></td>
</tr>
<tr>
<td>Password</td>
<td><input type ="password" name ="password"></td>
</tr>
<tr>
<td><input type = "submit"></td>
</tr>
</table>
</form>
</body>
</html>
Copy the code
Here we specify the POST method in the form. Next, the request is processed in the run.py file
from flask import Flask, request
app = Flask(__name__)
@app.route('/', methods=['POST'])
def index() :
username = request.form['username']
password = request.form['password']
if username == "waws" and password == "123456":
return f"<html><body>Welcome {username}</body></html>"
else:
return f"Welcome! "
if __name__ == '__main__':
app.run(debug=True)
Copy the code
As you can see, in @app.route we also specify the POST method, then fetch the form data from the Flask request object, and then make a simple decision to return the different contents of the page.
Open the index.html in a browser, type waws and 123456 in the username and password box, and click Submit to go to the Welcome waws page. If not, go to the Welcome page, as shown below
Let’s take a look at an example of a client using a GET request and modify it from above.
# index. HTML file, change the original 'post' to 'get'<form action = "http://localhost:5000" method = "get">
<table>
<tr>
<td>Name</td>
<td><input type ="text" name ="username"></td>
</tr>
<tr>
<td>Password</td>
<td><input type ="password" name ="password"></td>
</tr>
<tr>
<td><input type = "submit"></td>
</tr>
</table>
</form>
Copy the code
Run.py changed POST to GET, and the form’s reception was modified
@app.route('/', methods=['GET'])
def index() :
username = request.args.get('username')
password = request.args.get('password')
if username == "waws" and password == "123456":
return f"<html><body>Welcome {username}</body></html>"
else:
return f"Welcome! "
Copy the code
The result of the entire run is exactly the same, but notice the address bar information after the form is submitted, as follows
Extra in the back? Username =waws&password=123456, the GET request will concatenate the form data in the form of key-value pairs to the URL and send it to the server. This is the most important difference between GET and POST. For sensitive information, GET is extremely insecure and should never be used in this way.