How should I choose between GET and POST methods in HTML forms?
To choose between them I use this simple rule:
GET for reads. (reading data and displaying it)
POST for anything that writes (i.e updating a database table, deleting an entry, etc.)
The other consideration is that GET is subjected to the maximum URI length and of course can't handle file uploads.
This page has a good summary.
When should I use GET or POST method? What's the difference between them?
It's not a matter of security. The HTTP protocol defines GET-type requests as being idempotent, while POSTs may have side effects. In plain English, that means that GET is used for viewing something, without changing it, while POST is used for changing something. For example, a search page should use GET, while a form that changes your password should use POST.
Also, note that PHP confuses the concepts a bit. A POST request gets input from the query string and through the request body. A GET request just gets input from the query string. So a POST request is a superset of a GET request; you can use $_GET
in a POST request, and it may even make sense to have parameters with the same name in $_POST
and $_GET
that mean different things.
For example, let's say you have a form for editing an article. The article-id may be in the query string (and, so, available through $_GET['id']
), but let's say that you want to change the article-id. The new id may then be present in the request body ($_POST['id']
). OK, perhaps that's not the best example, but I hope it illustrates the difference between the two.
Difference between GET and POST methods?
GET:
- Parameters remain in browser history because they are part of the URL
- Can be bookmarked.
- GET method should not be used when sending passwords or other sensitive information.
- 7607 character maximum size.
- Url example: page2.php?category=sport
POST:
- Parameters are not saved in browser history.
- Can not be bookmarked.
- POST method used when sending passwords or other sensitive information.
- 8 Mb max size for the POST method.
- Url example: page2.php
Which scenarios need the usage of GET and POST methods in the same form?
The same route is being used for when the form is loaded and when user enters login data and submits the form.
For example, on the website home page, user clicks on login button and the url behind is /login
. This is a GET
request and loads the login page with the login form.
User then enters their username and password and clicks on login or submit. This submits the form to the same url i.e. /login
but this time, the request is a POST
. When Flask sees this is a POST
request, it then looks for the user name and password
What is the difference between POST and GET?
GET
and POST
are two different types of HTTP requests.
According to Wikipedia:
GET requests a representation of the specified resource. Note that GET should not be used for operations that cause side-effects, such as using it for taking actions in web applications. One reason for this is that GET may be used arbitrarily by robots or crawlers, which should not need to consider the side effects that a request should cause.
and
POST submits data to be processed (e.g., from an HTML form) to the identified resource. The data is included in the body of the request. This may result in the creation of a new resource or the updates of existing resources or both.
So essentially GET
is used to retrieve remote data, and POST
is used to insert/update remote data.
HTTP/1.1 specification (RFC 2616) section 9 Method Definitions contains more information on
GET
and POST
as well as the other HTTP methods, if you are interested.In addition to explaining the intended uses of each method, the spec also provides at least one practical reason for why GET
should only be used to retrieve data:
Authors of services which use the HTTP protocol SHOULD NOT use GET based forms for the submission of sensitive data, because this will cause this data to be encoded in the Request-URI. Many existing servers, proxies, and user agents will log the request URI in some place where it might be visible to third parties. Servers can use POST-based form submission instead
Finally, an important consideration when using
GET
for AJAX requests is that some browsers - IE in particular - will cache the results of a GET
request. So if you, for example, poll using the same GET
request you will always get back the same results, even if the data you are querying is being updated server-side. One way to alleviate this problem is to make the URL unique for each request by appending a timestamp. When do you use POST and when do you use GET?
Use POST
for destructive actions such as creation (I'm aware of the irony), editing, and deletion, because you can't hit a POST
action in the address bar of your browser. Use GET
when it's safe to allow a person to call an action. So a URL like:
http://myblog.org/admin/posts/delete/357
Should bring you to a confirmation page, rather than simply deleting the item. It's far easier to avoid accidents this way.
POST
is also more secure than GET
, because you aren't sticking information into a URL. And so using GET
as the method
for an HTML form that collects a password or other sensitive information is not the best idea.
One final note: POST
can transmit a larger amount of information than GET
. 'POST' has no size restrictions for transmitted data, whilst 'GET' is limited to 2048 characters.
HTML form send data by GET instead POST
It should be a post (assuming that you forgot the closing tag only in your example). I added your code and put the closing tag in an html file and submitted in Chrome. This is what I see in the network trace:
Also look at this question in case you are doing the same.
Related Topics
How to Change the Default Index Page in Apache
CSS Grid - Maximum Number of Columns Without Media Queries
Embed Youtube Video - Refused to Display in a Frame Because It Set 'X-Frame-Options' to 'Sameorigin'
Can Comments Appear Before the Doctype Declaration
How to Increase a Scrollbar's Width Using CSS
Bootstrap 4 - Sticky Footer - Dynamic Footer Height
How to Embed Latex in a Webpage
Html5 Iframe Seamless Attribute
Correct Semantics for Ul in Ul
Extra Space Under Textarea, Differs Along Browsers
HTML + CSS: Ordered List Without the Period
How to Remove "Invisible Space" from HTML
What Do <Form Action="#"> and <Form Method="Post" Action="#"> Do
How to Apply an Opacity Without Affecting a Child Element with HTML/Css
How to Nest Button Inside Another Button