When to use HTTP GET vs POST?
ฝัง
- เผยแพร่เมื่อ 4 ส.ค. 2024
- HTTP methods Get and POST are the most popular http methods used on the web. Each carries its own differences and properties. It can confusing to get to choose when to use POST over GET. In this video we will explain the differences, use cases and the benefits of using GET and POST.
HTTP Request
Lets start with explaining the anatomy of a HTTP requests, the main components of a request
It has. URL
it has method type,
headers content-type, cookies erc
and body the content
Property GET POST
Body No Yes
Data Request Limit Yes (2048 bytes) No limit
Data Type Ascii only Any data
Safe Yes No
Idempotent Yes No
Caching and Prefetching Yes No
Bookmarkable Yes No
Security? No Yes
Body
GET Requests Dont have Body
Post does
Data request limit
Url + body
Data type
Get Only ascii
Get URL only (2048)
POST no limit
Caching and prefetching
Safe
Modifies the resource
Idempotency
Bookmark
You can copy the url share it to twitter and anyone will get to that resource with all that parameters
Read request that need to send lot of data to the server will have to use POST. (Like tracing)
9:10 e-tag reference
Stay Awesome!
Hussein - วิทยาศาสตร์และเทคโนโลยี
Wow, these videos actually explain the concepts without copying and pasting wikipedia like all the others!
Awesome explaination...I am a tester and now I remember that developers used only post requests. That time I was very surprised hows it possible :D
All videos are amazing, I have been working in the security domain, for me, some network concepts were not clear, but your videos make it so easy, keep making videos, also can you make API keys vs OAuth videos from a security standpoint, when to use what
Thanks, helped a lot.
Super helpful, thanks!
Awesome explaination!
very informative, lots of things i learned . thanks
Perfectly splendid
You are best bro, i guess im addicted to your videos about network :)
Thanks Eren! What do you want to see next so I add it to my list of videos to make
@@hnasr Might be web scraping with nodejs.
@@hnasr Or how arp attacks works might be great.
Amazing explanation.
Nice comparison.
Idempotent was confusing.
And what is your opinion about using Headers in GET request to send small amount of data securely to server ?🙄
Dude ur Awesome !
ONM Roman thanks! You are more awesome thanks for your message ❤️
You can add body to get request easily.
Nice
Thank you very much for your content, its super valuable
Dear bro .
I'm looking for get and post method for one special problem and i cant found it in your video but i know you can do it .
I need to know how i can use get and post method for captcha code when the server is so busy and captcha code not shown . Do you think that its possible to appear captcha code on busy or overloaded sites by get and post method.
Tnx
Hi hussein,
I think POST itself doesn't change the data on the server, its the developer who choose to change the data or not.
So, in my opinion we can't consider POST safe because of that reason.
But We could say POST is safe maybe because its hides the parameters ( data ) that is sent.
Ahmed El Atari hey Ahmed, yes its the developer that make the decision to comply with the HTTP standard and follow it or not. By definition POST is not supposed to be safe while GET is safe: If the developer implement GET and in the backend they inserted a new resource or updated the postgres row than its no longer safe so its so dangerous because browsers assume GET is safe and they implement code based on this.
your good..
at 8:42 I did not understand your example with the email. Would you care to explain?
Therapist: the uncanny valley of accents doesn't exist
The uncanny valley of accents:
There is nothing that prohibits a GET request from containing a body. For example, if the URL for a specific response is becoming too long and cumbersome this information can be included within the body of the GET request to be parsed by the server. Allowing for a larger data request limit when using GET.
Better
Very Nice explanation but instead of explaining what does GET and POST actually mean in detail, you explained other things
Thanks Brother, couple of questions like as usual :) I haven't seen your video about E-Tags. If you have already covered following questions in E-tags video. please ignore it.
-> 1. will pre-fetching & caching default applies to GET request like browser implements them ? or any customizations needed ?
-> 2. In the case of caching, client will always send a request to server. whether there is a change in content or not. however, imagine there is a situation where there will be no change in data for next 24 hrs. can i cache this data in localStorage object in browser with key as date. before sending request to the client. I will check whether there is data for today in localStorage object. if it is , I can use it otherwise i will send a request.. is it safe to use this pattern or localStorage implementation is based on browser like google has this. I am not sure about other browsers..
-> 3. I hope, for above pattern we cannot use pre-fetching. because browser makes a smart decision whether the request has to be sent or not. is it applies only to images and binary data.. or any other data too like simple text..
I just started my career in development field. that's the reason, i am asking so many questions... Thank you !!
Great questions!
1) prefetching is implemented by the browser, if you write your own app you will have to do the prefetching
2) the browser always sends the request if it was asked to (script call) the server tells the client if the content has changed, your idea is amazing 😉 you can sure cache things to safe yourself the extra request that are useless. That being said , those requests dont cost much because the response is empty..
3) you can override browser’s prefetching i believe
@@hnasr Thank you, I will look into overriding prefetching stuff..
Minor nit .. (well many not minor) .. you can technically have a body in a GET request
I don't want to mix up this question with previous one's.. I am creating a new comment..
While reading mozilla document on HTTP. I found following sentence under webserver section ( developer.mozilla.org/en-US/docs/Web/HTTP/Overview)
A server is not necessarily a single machine, but several server software instances can be hosted on the same machine. With HTTP/1.1 and the Host header, they may even share the same IP address.
Question : why we need to install several server software instances on the same machine. is it like, on port 80 we are using some application and another port 8080 we are running some other application.. can't we do this single server software instance ?
Thanks mentor for all the help you are providing..
Great question again this is called SNI (server name indication) . You host multiple servers in a single machine to host multiple websites over a single static public ip address to save money since ips are expensive. Instead of having three public IP addresses you can have one public ip address point to a machine hosting 3 servers
Enjoy th-cam.com/video/t0zlO5-NWFU/w-d-xo.html
@@hnasr Thanks for the video, I will add it to my watch list..
Hi Hussein,
Can we cache get request, If yes then what is the use of caching get request.
Abhishek SHARMA hey! Sure you can cache get requests and I explain that in in minute 8:30
Add a comment...
no examples