1

I'm developing a web page on JSP using the Spring Framework. I know the difference between GET and POST generally. If the page sends information through POST, the sent information is not visible in the URL and in GET, it is visible.

I'm currently sending and receiving information via Controllers and just before writing my controller, I use Request mapping as follows:

@RequestMapping(value = "/pri/SuperUser/ResetPassword.qib",method = RequestMethod.GET)
@Override
public ModelandView function(Model model){
...
...

So, what is the difference between using GET and POST in this case? There should be something else different than just seeing the sent information in the URL.

Sara Yusri
  • 9
  • 3
Burak T
  • 67
  • 1
  • 3
  • 8
  • 4
    Please search first. The basic differences (which do not sound as they have been described above) between HTTP GET/POST are covered by Wikipedia and who-knows-what-else. Likewise, so is the "appropriate HTTP verb" to use with REST, etc. –  Jan 10 '13 at 09:02
  • http://www.w3schools.com/tags/ref_httpmethods.asp – František Žiačik Jan 10 '13 at 09:03
  • you could look at the source for RequestMethod, and this isn;t really anythgin to do with spring – NimChimpsky Jan 10 '13 at 09:04

5 Answers5

22

It sounds like you don't quite have GET/POST understood completely yet.

Try thinking of it like this for a web application:

GET A GET method should be used to retrieve data from the server. Multiple get requests to the same URL should be valid and no data should be changed on the server side.

However, this doesn't mean it is not possible to make a GET request change things server side, but you should try to make sure you are following the standard.

POST A POST method should be used when you need to create, update or delete data on the server side. Making the same POST request multiple times may not be safe and may result in inconsistent data. The content of a POST request is sent in the request body. Hence, you don't see the parameters in your browser, but it is easy to see them if you wanted to (Even using the browser developer tools) so it is no more safe than a GET request.

NOTE: this is how they are used in general on the WEB, it is not the actual spec as there are other methods available. If you are creating a REST service you will want to explore the other methods

(Briefly - POST - for creating data, PUT - for updating data and DELETE for deleting data)

It may be worth reading the actual spec to get a complete understanding: http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html

If you did want to secure your HTTP requests, then this can be done using SSL encryption over HTTPS (A separate topic)

cowls
  • 24,013
  • 8
  • 48
  • 78
2

GET - Safe, Idempotent, and Cacheable

POST - None of these characteristics

Check out: GoogleDevelopers Link (video)

shaunw
  • 360
  • 1
  • 3
  • 10
  • I like how POST is summarized :D Interesting read wrt POST cachability: [Is it possible to cache POST methods in HTTP?](http://stackoverflow.com/questions/626057/is-it-possible-to-cache-post-methods-in-http) –  Jan 10 '13 at 09:09
1

The method will only accept methods using GET. You cannot POST to this URL.

You get the standard differences such as the data you send this endpoint will show in the browser URL after ?var=value

So you can perform a get request to...yoururl.com/pri/SuperUser/ResetPassword.qib

David
  • 19,577
  • 28
  • 108
  • 128
  • POST can use the *query string* of a URI as well and a GET via AJAX will not show up in the browser location at all. –  Jan 10 '13 at 09:04
  • Yes, this is true, but I didn't think the Spring Framework would process the request if a POST was sent to the URI that OP has posted? – David Jan 10 '13 at 09:06
  • You're correct in that it only maps the GET verb. I was just pointing out some details. –  Jan 10 '13 at 09:07
  • Thanks, but what should I exactly do to send this data by using POST instead of GET? – Burak T Jan 10 '13 at 09:17
1

If your data are confidential, it's better to use the POST method because it will not reflect on the url, unlike GET.

Jj Tuibeo
  • 773
  • 4
  • 18
  • 4
    Well, this is "sort of" true. 1) If the data is confidential the more important thing is HTTPS is used 2) A POST that uses the query string is no more secure than a GET in terms of logging/caching sensitive information. –  Jan 10 '13 at 09:07
0

It's the same as in generally. The RequestMapping process either GET or POST sent data.

E.g. if you type in your browser "DOMAIN/pri/SuperUser/ResetPassword.qib" and open the URL it's GET.

If you submit form with POST method from HTML page it's POST

StanislavL
  • 56,971
  • 9
  • 68
  • 98