Standard answers on the Internet

The above standard answer is not wrong, the above differences exist on most browsers, because they implement the HTTP standard.

So in terms of standards, the difference between GET and POST is as follows:

GET is used to GET information. It has no side effects, is idempotent, and is cacheable.

POST is used to modify data on the server. It has side effects, non-idempotent, and cannot be cached.

Differences between GET and POST packets

There is no real difference between THE GET and POST methods, but the message format is different.

GET and POST are two HTTP request modes. HTTP is an application layer protocol based on TCP/IP. Both GET and POST use the same transport layer protocol, so there is no difference in transmission.

In the format of packets without parameters, the biggest difference is the method name of the first line.

The first line of the POST request is POST/URI HTTP/1.1

The first line of the GET request is HTTP/1.1

Without parameters, they differ only in the first few characters of the message.

What’s the difference between a text with parameters? In the convention, the parameters of the GET method should be placed in the URL, and the parameters of the POST method should be placed in the body.

Now we know that the two methods are essentially TCP connections, there’s no difference, which means that if I don’t follow the specification, IT’s okay. We can write parameters in the URL, and then the method uses POST; You can also write parameters in the Body and then use GET in the method. Of course, this requires server-side support.

  1. Q&A

Is the GET method argument written in a fixed way? In the convention, our arguments are written in? After that, we split it with ampersand.

As we know, the process of packet parsing is to obtain TCP data, use tools such as re to obtain Header and Body from the data, and then extract parameters.

That is to say, we can the agreed parameters method and just can explain out of a service, one of the more popular writing is www.example.com/user/name/c…

Is POST more secure than GET?

As most articles on the web explain, POST is safer than GET because the data is not visible in the address bar.

However, from a transport point of view, they are not secure, because HTTP is transmitted over the network in clear text, as long as the network node to capture the packet, the complete data packet.

For secure transmission, there is only encryption, which is HTTPS.

What about the length limit for the GET method?

I’ve seen a lot of articles on the Internet about the difference between the two, which mentioned that the browser address bar parameters are limited.

First of all, HTTP does not have any length restrictions on Body and URL, which are mostly restricted by browsers and servers.

Browser reasons do not say, the server because processing long URL to consume more resources, for performance and security (to prevent malicious construction of long URL to attack) consideration, will give THE URL length limit.

POST method produces two TCP packets?

As mentioned in some articles, POST will send the header and the body separately, sending the header first and the server returning the 100 status code before sending the body.

The HTTP protocol does not explicitly say that POST produces two TCP packets, and actual testing (Chrome) found that header and body are not sent separately.

Therefore, sending header and body separately is a request method of some browsers or frameworks, not necessarily post behavior.