Making a Server Request (^) ❘ 179
What’s the Difference Between GET and POST?
At face value, the GET and POST methods seem identical: Both allow you to request a web page
and send data along with that request. Most of the time, for AJAX requests, you want to use the
GET method because it is slightly faster from a performance standpoint where AJAX is concerned,
but there are other differences that you should be aware of that address semantic differences
between the two methods, as well as technical and security differences. The following outlines
these differences:➤ (^) The GET method is intended for requests that have no tangible, lasting effect on the state of
anything. (The HTTP specifi cation calls this type of request safe.) For example, when you
make a request and you’re simply retrieving data from a database, GET is properly suited for
this type of request. If a request results in a change to the database via an insertion, update,
or deletion—for example, when managing content or making an order or uploading data—
the POST method is best suited. This difference, however, is merely semantic.
➤ (^) Using the POST method causes a browser to automatically prevent resubmitting a form if the
user navigates back to a submitted form using the browser’s Back button because the POST
method is intended to be used for situations in which data manipulation occurs. This is a
technical difference put in place to prevent resubmission of form data. But this automatic
prevention is ineffective because you still have to design your server-side programs to account
for possible resubmissions... anything that can go wrong, will! Users can be impatient and
click the Submit button multiple times or refresh submitted forms, ignoring a browser’s warn-
ings. However, the GET method provides no automatic protection against resubmission. This
difference is mostly inconsequential to AJAX programming because there is no way for a user
to resubmit a POST request without you specifi cally designing the ability into your program.
➤ (^) The GET method has a much lower limitation on request length imposed than the POST
method. This difference is a technical one that can have an effect on your applications. The
limitation of the length a GET request can be varies among browsers, but RFC 2068 states that
servers should be cautious about depending on URI lengths greater than 255 bytes. Because
GET request data is included as part of the URI (the web page’s address), the GET request is
actually limited by the length of the URI a browser supports. Internet Explorer can support a
URL up to 2,083 characters in length, which is ridiculously long. The POST method, however,
theoretically has no limitation on length other than what your server is confi gured to accept.
PHP (a server-side language), for example, is confi gured to accept a POST request that’s 8 MB
or less in size, by default. This setting and others, such as how long a script can execute and
how much memory it can consume, collectively defi ne how big your POST requests can be in
the context of that server-side language. Other server-side languages, no doubt, have similar
confi guration settings; on the client side, however, a POST request has no hard limitation
defi ned, other than the limits of the client’s hardware, network, and server capabilities.
➤ (^) The POST and GET methods can be encoded differently, again a technical difference. I’m
not going to go into this difference in great detail because it is outside the scope of this book.
This difference applies when you want to upload fi les via the POST method; I discuss how to
perform a fi le upload via POST in Chapter 11, “HTML5 Drag and Drop.” As you will see in
Chapter 11, however, when doing a fi le upload via AJAX APIs provided by the browser, the
browser takes care of encoding for you.
http://www.it-ebooks.info