0

We can accomplish the same thing by doing:

localhost:3000/endpoint?var1=val1&var2=val2

That we can do by using POST with a JSON body.

So why should anyone use PUT/POST/PATCH if they can get the same goals by using url params? Even with auth, instead of header, you can send the information of the auth token back and forth by using a parameter?

Onedayanam
  • 95
  • 7
  • Well, Ajax doesn't require a page reload every time you have to pass data back and forth. – Enfyve Jan 29 '17 at 16:07
  • for Ajax, the calls use separate connections (with or without long polling) which could also be GET or POST I think - should not concern the decision for GET/POST in the first page call. – Christoph Bimminger Jan 29 '17 at 16:11

2 Answers2

0

one reason is that GET parameters have to be URL-encoded. then there are limitations of URL length documented in RFC I think. This will make it difficult when transfering large data (e.g. file uploads,...)

additionally, developers may want to hide some informations from the user, to prevent users to bookmark a page with all these parameters...

Definitely NO reason for POST args is security on the transport layer. in both cases the data are plain text in HTTP, and both (also the URL) are encoded end-to-end when using a secure HTTPS connection.

Christoph Bimminger
  • 1,006
  • 7
  • 25
0

It is more secure, because your data is encrypted and sent in the header of the request.

Hajji Tarik
  • 1,072
  • 7
  • 23