41

Is there a well-supported, common behavior that I can expect if I do something like this in HTML:

<form method="get" action="/somePage.html?param1=foo&param2=foo">
  <input name="param2"></input>
  <input name="param3"></input>
</form>

Seems like this sort of thing is inherently ridiculous, but I've seen it used here and there and I was wondering what on Earth the expected behavior should be. Are browsers smart enough to tack on "&param2=whatever&param3=whatever" to the action, or do they just throw in a second question mark? Or what? Are there cases where this is actually the right way to do things?

Rex M
  • 142,167
  • 33
  • 283
  • 313
Brandon Yarbrough
  • 37,021
  • 23
  • 116
  • 145
  • If you are using apache and need workaround, [there are one in another stackoverflow answer][1] [1]: http://stackoverflow.com/questions/1116019/submitting-a-get-form-with-query-string-params-and-hidden-params-disappear/#16415773 – wanis May 07 '13 at 09:56
  • 1
    Does this answer your question? [When submitting a GET form, the query string is removed from the action URL](https://stackoverflow.com/questions/1116019/when-submitting-a-get-form-the-query-string-is-removed-from-the-action-url) – miken32 Jun 07 '21 at 22:42

4 Answers4

70

If the method attribute is set to GET, the browser drops the querystring parameters from the action attribute before constructing the form argument values.

So in your example, the request to the server on submit will look like: /somePage.html?param2=value&param3=value

So no, when the method is "GET", as in your example, there's no reason to do this.

Rex M
  • 142,167
  • 33
  • 283
  • 313
  • 4
    and if the method attribute were set to POST, then both would be preserved. The request to the server would have param1=foo&param2=foo on the query string, and param2 (with different value) and param3 as posted form values. – thomasrutter Apr 09 '09 at 01:32
  • @thomasrutter quite right! I think that's slightly outside the scope of this discussion. The interesting part is the obvious collision. – Rex M Apr 09 '09 at 01:33
  • 1
    @Rex - I think it's fascinating that the behavior is different for GET and POST. That I did not expect. Is there a logical reason why? – Brandon Yarbrough Apr 09 '09 at 01:41
  • 2
    @CaptainAwesomePants - by definition, using "GET" requires use of the querystring. The easiest way to handle it risk-free is to blow away anything first. POST has no need for the querystring, so no need to remove it to make room. – Rex M Apr 09 '09 at 01:44
  • If there's no `param2` in the input fields, will it still drops `param2` first ? – WoooHaaaa Aug 12 '13 at 02:48
27

Not sure, but I think it's better practice to place those variables in hidden input fields. This way it doesn't matter if your posting method is either POST or GET.

<form method="get" action="/somePage.html">
  <input name="param2"></input>
  <input name="param3"></input>
  <input type="hidden" name="param1" value="foo" />
  <input type="hidden" name="param2" value="foo" />
</form>
Luke
  • 20,878
  • 35
  • 119
  • 178
  • How do I specify nameless parameter like http://ssrs/ReportServer/Pages/ReportViewer.aspx?/Folder1/SomeReport1&rs:Command=Render&PersonParameter=BorisIvanov? – meir Sep 04 '19 at 03:27
  • There is no such thing as nameless parameter; you can have a valueless parameter. Like `&param1=foo&param2&param3=bar`. – Kamafeather Sep 17 '20 at 09:34
4

You could change the method attribute in the form to "POST" with script before posting the form, so there could be a use for the query string in the action. It hardly seems to be the best solution for anything, though.

Guffa
  • 687,336
  • 108
  • 737
  • 1,005
3

Well, all the questions have been answered except the last, to which the answer is yes. For POST, it's allowed, but you may well find cases where it doesn't work. I've seen web servers that only allow postdata or querystring, so it's not dependable.

Mark
  • 6,269
  • 2
  • 35
  • 34