Friday, 7 March 2014

HTTP Get and Post Methods

Use Get only for safe and idempotent operations. Safe operations are those which do not update a state, for example, a database table. Idempotent operations are those which return the same result no matter how many times you call them. 
It's evident that Get is suitable for retrieving the result of a query and in this regard, similar to a SQL select.

Use Post where the operation is neither safe nor idempotent. For example, imagine you want the client to register on your registration page. Here, if the registration succeeds, a new entry will be added to the database table. In this case, of course, the state is being modified and a Post would be the better thing to do. We can see that such registration operations are not idempotent either. While it is true, that the system would not permit a user to register with the same credentials over and over again, this is a business logic concern. In theory, a database would not disallow two objects to have identical values. We can see that a Post is similar to a SQL insert.

There is also a Put operation that is suited to unsafe operations that are idempotent but I will not discuss that here.

As for other differences, a Get causes the url to bear the entire query and as such not suitable for transmitting sensitive data like passwords. In contrast, the query is transmitted invisibly with Post, so it may be used to safely transmit passwords and other information that require some element of confidentiality. There is also a limit to the amount of data that Get supports. There is apparently, no such limit for Post request.


No comments:

Post a Comment