Use GET if you don't mind the request being repeated (That is it doesn't change state).
A RESTful; application will use GETs for operations which are both safe and idempotent. A safe operation is an operation which does not change the data requested. An idempotent operation is one in which the result will be the same no matter how many times you request it. It stands to reason that, as GETs are used for safe operations they are automatically also idempotent. Typically a GET is used for retrieving a resource or collection of resources.Advantages of Get:
- Urls can be bookmarked safely.
- Pages can be reloaded safely.
- Variables are pased through url as name-value pairs. (Security risk)
- Limited number of variables that can be passed. (Based upon browser. IE limited: 2,048 characters.)
Use POST for destructive actions such as creation, editing, and deletion, because you can't hit a POST action in the address bar of your browser.
A POST would be used for any operation which is neither safe or idempotent. Typically a POST would be used to create a new resource for example creating a NEW question (though in some designs a PUT would be used for this also). If you run the POST twice you would end up creating TWO new questions.POST can transmit a larger amount of information and is also more secure than GET, because you aren't sticking information into a URL. And so using GET as the
method for an HTML form that collects a password or other sensitive information is not the best idea.Advantages of Post:
- Name-value pairs are not displayed in url. (Security += 1)
- Unlimited number of name-value pairs can be passed via post. Reference.
- Page that used post data cannot be bookmark. (If you so desired.)
0 comments:
Post a Comment