Difference between get and post

Discussion in 'Computer Science & Culture' started by abdulla, Aug 20, 2003.

Thread Status:
Not open for further replies.
  1. abdulla

    abdulla Registered Member

    Messages:
    6
    Hi All!!!

    My Question is:

    What is the difference between "Get" and "Post" methods in Internet Technologies especially I am more concerned with Java Related Environments?

    Bye
     
    abdulla, Aug 20, 2003
    #1

  2. Google AdSense Guest Advertisement



    to hide all adverts.
  3. okinrus

    okinrus Registered Senior Member

    Messages:
    2,669
    okinrus, Aug 20, 2003
    #2

  4. Google AdSense Guest Advertisement



    to hide all adverts.
  5. cjard

    cjard Registered Senior Member

    Messages:
    125
    there isnt any real difference i'm afraid.. a get can modify and a post can access, but heres a basic overview:

    get and post SHOULD be used in the way okinrus describes. there is no restriction to prevent them being used otherwise

    a get request passes any parameters as part of the http request string. if for example you had a form:
    PHP:
    <form action=/somePage.jsp method=GET>
    name: <input type=text name=theName></input>
    pass:  <input type=password name=thePassword></input>
    <    input type=submit>
    </    form>
    then filling in your name (FRED)and password (DERF), and clicking submit would result in the web server being contacted and told:

    GET http://some.web.server.com/somePage.jsp?theName=FRED&thePassword=DERF HTTP/1.1

    what it does with it then, is up to it. (what you see above is what the browser says to the webserver as the start of the conversation)


    If you have the SAME forum but with a POST method, then the
    request header (the browser's opening conversation) looks more like:

    PHP:
    POST http://some.web.server.com/somePage.jsp HTTP/1.1
    User-AgentMozilla blah blah
    Other    -Headersyada yada

    theName    =FREDthePasswordDERF
    you see now that the name and pass are NOT transmitted to the webserver as part of the URL, but as the body of the message.. i.e. after the end of the headers section. way more secure

    -

    In both cases the webserver will respond

    In the java specific case, most of the time there is no logical difference as most developers will write their JSP/servlet so that doGet() and doPost() call the same method (something you make up) anyways.. often you will see this:

    PHP:
      doGet(HttpServletRequest reqHttpServletResponse resp) {
             doPost(reqresp);
      }
    doing either a get or a post (from the user web browsers) results in the same code running..

    Personally, i prefer to differentiate between them in times where there is a before and after for a site. imagine a forum, where you cant do anything until you log in. you would write your doGet() so that it always calls the login screen up,, no matter what. that login screen would contain a FORM that is POSTed back to the servlet, and you then write your doPost() method to handle the login. this way, if a user types in ANY url from the board, they get to the login screen. only with a legit POST operation, can they log in.. its a security feature, and it cuts down on the number of servlets/jsps needed for a particular web app

    Heres a quick example, imagine this code is in myServlet.srv on the webserver:

    PHP:
      doGet(HttpServletRequest reqHttpServletResponse resp) {
             resp.write("You need to log in:");
             resp.write("<form target=myServlet.srv method=POST>");
             resp.write("<input type=text name=login>");
             resp.write("<input type=submit></form>");
             resp.flush();
             resp.close();
      }

          doPost(HttpServletRequest reqHttpServletResponse resp) {
         if(    req.getParameter("login") == "FRED")
                resp.write("hi fred");
         else
                resp.write("unknown user");

             resp.flush();
             resp.close();
      }
    this wont compile, if at least for the string comparison using ==.. never compare strings using ==, but to write req.getParameter("login").equals("FRED") would be too confusingand its not like its anything to do with what im demonstrating.. so there you go. now, even if your user tried to access myServlet.srv?login=FRED as a URL from his browser, it still wont work, cos it will result ina doGet(), and doGet() never looks at the login paramter.. only when a POST is done via the form, will doPost() be called

    The important thing to grasp here is that in the doGet(), the myServlet.srv servlet actually refers to itself, in that when it writes back to the user, it writes a form with itself as the target. the next time the user interacts with myServlet.srv, it will be via the post...

    If you would like more information, ask..
     
    Last edited: Aug 21, 2003
    cjard, Aug 20, 2003
    #3

  6. Google AdSense Guest Advertisement



    to hide all adverts.
Thread Status:
Not open for further replies.

Share This Page