This question already has answers here:
Closed 12 years ago.
Possible Duplicate:
When do you use POST and when do you use GET?
I know the basic difference between GET and POST methods. That is we can see the URL parameters in case of GET and can't see the URL parameters in case of POST. Of course we can pass huge amounts of data by POST which is not possible through GET.
Are there any other differences between these two methods ?
GET is for data retrieval only. You can refine what you are getting but it is a read only setup and yes, as you mentioned anything used for refinement are part of the URL.
POST is meant for sending data, but is generally a way to 'break' the simple workings of HTML because you are neither guaranteed of anything that is happening, it can just fetch data, send data or delete data.
There are also PUT and DELETE in the HTML standards, but its all about finding web servers that support these actions as well. As the names imply PUT sends data for either the creation or updating while DELETE is for removal of data.
Enjoy! :)
Other implementation differences in GET and POST:
they have different encoding schemes. multipart/form-data is for POST only
the result of POST may not result in an actual page.
url limit necessitates use of POST
If you are using HIDDEN inputs in form then submitting a GET request reveals those inputs
Related
After trying Paw3 for a while, I found it's really amazing, but I have some little issue about the operation:
How can I bulk edit HTTP headers instead of editing in a table one by one?
How can I fold some of the JSON text code when response is too long?
When I search in the response, is there any way to show the number of the matches?
Many thanks.
Thanks for the kind words about Paw!
Unfortunately, none of the 3 things you've asked are already implemented.
How can I bulk edit HTTP headers instead of editing in a table one by one?
There's no ability to bulk-edit headers yet. Instead, we recommend users to use environment variables as reusable presets. We'd like to later add a batch-edit feature.
How can I fold some of the JSON text code when response is too long?
There's no way to fold JSON texts yet. You could use the regular JSON tree if you need to fold items. Same here, it's something we'd like to add to the text too.
When I search in the response, is there any way to show the number of the matches?
Not displayed. It would be easy to add though. I take note :)
I've read lots of articles about the differences between GET and POST. Lots of them are available here at StackOverflow.
A summary of the important differences is:
Post can send its information via body while GET should not (but I think it can be done practically)
Some browsers cache the GET results and rely on the idempotent behavior of GET requests.
Using GET is much easier than using POST for most of developers.
Concluding this summary, Using GET in POST situations is bad and dangerous.
But is it true that ignoring the easiness, POST can be used as a replacement of the GET requests as it seems it totally covers the GET requirements.
To clarify that I'm not crazy!, I'm not going to use POST instead of GET. This question is just about to check if I understand the GET and POST difference correctly.
No, POST is not a replacement of GET requests. There are two important things that a POST request cannot do that a GET request can.
You cannot generate a POST request simply by typing a URL in the address bar of the browser. This always generates a GET request.
You cannot generate a POST requesting using an ordinary link in HTML. This has far-reaching consequences. You cannot find a page that is only accessible using a POST request with any search engine, and you cannot link to it unless it is done by an HTML form or using Javascript.
Its a good practice that you classify your transaction. These methods are very important specially when you are developing an API Service Oriented architecture or even Single Page Applications.
GET - used to retrieve a dataset. (also has a limitation for url length. parameters are exposed and urlencoded.)
POST - Saving/adding (this is more secure)
EX:
GET /items - means you are getting the list of items.
POST /items - means you are saving/adding item(s)
and later you might need to learn PUT and DELETE too.
But for now, always use POST in your form or ajax request when saving/adding data. and GET when retrieving data.
I have the following URI: Posts/{postId}/Comments/{commentId}
I would like to enable users to edit a comment through my API, should the edit be done with POST or PUT?
One one hand, POST updates the contents of a resource so that makes sense but on the other hand PUT replaces it with a new one. So if I understand correctly with POST I need to send only what needs to be updates and with PUT I send the whole resource.
Usually in edit forms, the whole resource is loaded anyway so what's the point of using POST?
If I take one approach or the other, what are the differences?
From what I have read (in RESTful Web Services, published by O'Reilly), it seems clear that you should use PUT to update an existing comment.
PUT is meant to be used for updating as well as creating a resource.
POST can also be used for creating a resource. The difference here is that when POSTing, you don't need to know the exact URI of the resource to be created. (The service will report the new resource's URI in its response.)
POST is appropriate for partial updates, or when appending information to a resource; PUT is appropriate for a full update (replacement) of a resource.
When updating, you can send partial updates, but you should make sure that these are idempotent; ie. if you send the same update more than once, the update will always have the same effect. Don't send an update such as "Increase n by 1"; instead, send an update such as "Set n to 5."
Thus, my suggestion for your case are as follows:
Use POST to /Posts/{postId}/Comments to create a new comment, since the client doesn't know the {commentId} in advance.
Use PUT /Posts/{postId}/Comments/{commentId} to completely update a comment (or perhaps POST when appending text to it).
see here:
PUT vs POST in REST
This question already has answers here:
Closed 13 years ago.
Possible Duplicates:
How should I choose between GET and POST methods in HTML forms?
When do you use POST and when do you use GET?
Obviously, you should. But apart from doing so to fulfil the HTTP protocol, are there any reasons to do so? Less overhead? Some kind of security thing?
because GET must not alter the state of the server by definition.
see RFC2616 9.1.1 Safe Methods:
9.1.1 Safe Methods
Implementors should be aware that the
software represents the user in their
interactions over the Internet, and
should be careful to allow the user to
be aware of any actions they might
take which may have an unexpected
significance to themselves or others.
In particular, the convention has been
established that the GET and HEAD
methods SHOULD NOT have the
significance of taking an action other
than retrieval. These methods ought to
be considered "safe". This allows user
agents to represent other methods,
such as POST, PUT and DELETE, in a
special way, so that the user is made
aware of the fact that a possibly
unsafe action is being requested.
If you use GET to alter the state of the server then a search engine bot or some link prefetching extension in a web browser can wreak havoc on your site and (for example) delete all user data just by following links to your site.
There is a nice paper by the W3C about this: URIs, Addressability, and the use of HTTP GET and POST.
1.3 Quick Checklist for Choosing HTTP GET or POST
Use GET if:
The interaction is more like a question (i.e., it is a safe operation such as a query, read operation, or lookup).
Use POST if:
The interaction is more like an order, or
The interaction changes the state of the resource in a way that the user would perceive (e.g., a subscription to a service), or
The user be held accountable for the results of the interaction
Because, if you use GET to alter state, Google can delete your stuff.
When do you use POST and when do you use GET?
How should I choose between GET and POST methods in HTML forms?
If you accept GETs to perform write operations then a malicious hacker could inject somewhere links to perform an unauthorized operation. Your user clicks on a link - and something is deleted from a database. Or maybe some amount of money is transferred away from the user's account if he's still logged in to their online banking.
http://superbank.com/TransferMoney?amount=1000&recipient=2342524
Send a malicious email with an embedded image referencing this link, and as soon as the document is opened, something funny has happened behind the scenes.
GET is limited by the length of URL the browser/server can handle. This used to be as short as 256 characters.
There is atleast one situation where you want a GET to change data on the server. That is when a GET returns data, and you need to record which data was given to a user and when it was given.
If you use complex data types then it must be in a POST it cannot be in a GET. For example testing a WCF web service in a browser can only be done when the contract uses simple data types.
Using GET and POST where it is expected helps to keep your program understandable.
When you use POST, you can see the information being "posted" in the address-bar of the web browser. This is [apparently] not the case when you use the GET method.
This article was somewhere on http://www.w3schools.com/ Once I've found the exact page it was on, I'll repost. :-)
This question already has an answer here:
Closed 10 years ago.
Possible Duplicate:
Rails 3 Custom Route that takes multiple ids as a parameter
From what I understand, a good REST URL for getting a resource would look like this:
/resource/{id}
The problem I have is, that I often need to get a large number of resources at the same time and do not want to make a separate HTTP call for each one of them.
Is there a neat URL design that would cater for that or is this just not suitable for a REST API?
Based on your response, the answer to your question is to create a new resource that contains that single set of information. e.g.
GET /Customer/1212/RecentPurchases
Creating composite urls that have many identifiers in a single url limits the benefits of caches and adds unnecessary complexity to the server and client. When you load a web page that has a bunch of graphics, you don't see
GET /MyPage/image1.jpg;image2.jpg;image3.jpg
It just isn't worth the hassle.
I'd say /resources/foo,bar,baz (separator may vary depending on IDs' nature and your aesthetic preferences, "foo+bar+baz", "foo:bar:baz", etc.). Looks a bit "semantically" neater than foo/bar/baz ("baz of bar of foo"?)
If resource IDs are numeric, maybe, even with a range shortcut like /resources/1,3,5-9,12
Or, if you need to query not exactly on resources with specifical IDs, but on group of resources having specific properties, maybe something like /resources/state=complete/size>1GiB/!active/...
I ahve used in the past something like this.
/resources/a/d/
and that would return between x and Y a list.
something like
<resources>
<resource>a</resource>
<resource>b</resource>
<resource>c</resource>
<resource>d</resource>
</resources>
you could also put more advanced searches into the URL dpending on what resource actuall is.
maybe you could try with
[GET]/purchases/user:123;limit:30;sort_date:DESC