get vs. post: a detailed explanation
Here is a a detailed explanation about HTTP get vs post
||GET method is visible to everyone (it will be displayed in the browser’s address bar) and has limits on the amount of information to send.
||POST method variables are not displayed in the URL.
||GET method should not be used when sending passwords or other sensitive information.
||POST method used when sending passwords or other sensitive information.
|Restrictions on form data length:
||Yes, since form data is in the URL and URL length is restricted
||GET is less secure compared to POST because data sent is part of the URL. So it’s saved in browser history and server logs in plaintext.
||POST is a little safer than GET because the parameters are not stored in browser history or in web server logs.
|Restrictions on form data type:
||Yes, only ASCII characters allowed.
||No restrictions. Binary data is also allowed.
||Easier to hack for script kiddies
||More difficult to hack
||can send but the parameter data is limited to what we can stuff into the request line (URL).
||Can send parameters, including uploading files, to the server.
||Can be bookmarked.
||Can not bookmarked.
|Encoding type (enctype attribute):
||multipart/form-data or application/x-www-form-urlencoded
|BACK button/re-submit behaviour:
||GET requests are re-executed.
||The browser usually alerts the user that data will need to be re-submitted.
||Parameters remain in browser history because they are part of the URL
||Parameters are not saved in browser history.
|Large variable values:
||2000 character maximum size.
||8 Mb max size for the POST method.
||Can be cached