GET和POST的区别

GET和POST的区别

前言

实际上这个问题总是会被问道,日常也常用到这两种方法,知道使用的场景,但是一直没有好好总结过,今天一并好好看看吧。

HTTP的请求类型

HTTP协议实际上是一种标准,规范,建议大家怎样去做,也方便一些底层实现,就跟交通规则一样,也就是说你不遵守也可以,你也可以使用其他方法实现,这一点可以看看参考链接5(评论也要看),下面说正题。

客户端对服务器的请求类型主要有四种:

  1. GET(从服务器获取)
  2. POST(向服务器发送请求数据)
  3. PUT(更新)
  4. DELETE(删除)

一般来讲,分别对应着查、增、更、删四种操作,不过实际上四种操作一般情况下通过GET和POST就可以完成了,所以日常使用最多的也都是这两个。

其他的用的比较少的还有一些方法,如HEAD,CONNECT等,详细的可以去看看参考链接1.

POST和GET区别

  1. GET被浏览器强制支持(POST是可选的,不过一般都支持)
  2. GET是幂等的,POST非幂等
  3. GET可以被浏览器缓存,POST不可以
  4. GET请求是『安全』的,POST不安全
  5. POST相对来说比GET要『安全』一些
  6. 参数大小(理想和现实)

幂等

幂等(idempotent、idempotence)是一个数学与计算机学概念,常见于抽象代数中。
在编程中.一个幂等操作的特点是其任意多次执行所产生的影响均与一次执行的影响相同。幂等函数,或幂等方法,是指可以使用相同参数重复执行,并能获得相同结果的函数。这些函数不会影响系统状态,也不用担心重复执行会对系统造成改变。

百度百科

例如abs(-1)=abs(abs(-1)),这里就是就是说每次GET得到的数据是不变的。

GET可以被缓存

比方说通过GET请求了某个url,然后一些参数都明确的附在url后面了,查看浏览器历史访问的时候就可以看见了,一些文件也在访问的同时被缓存了,而一般POST的则不会。

注:RFC中POST请求也可以被缓存,但是浏览器一般也不支持,就跟TCP/IP和OSI模型一样,理想和现实的区别

GET相对『安全』

这里的安全指的是GET不会改变服务器里的数据,而POST则一般会更改数据

POST相对『安全』

这里是说相对『安全』,url中会附带GET请求的一些参数,而POST的在url中则看不到。

注:抓包都能看见,都是明文传输

参数

RFC中并没有对请求的参数做大小限制,但是实际上浏览器对url的长度都有限制,一般对POST的数据大小也会做一些限制,所以也是标准和浏览器不一致的一个表现。

抓包示例

访问百度首页:

Request URL: https://www.baidu.com/his?wd=&from=pc_web&rf=3&hisdata=%5B%7B%22time%22%3A1472485042%2C%22kw%22%3A%22python%20descriptors%22%2C%22fq%22%3A2%7D%2C%7B%22time%22%3A1472485154%2C%22kw%22%3A%22python%20%E6%8F%8F%E8%BF%B0%E7%AC%A6%22%7D%2C%7B%22time%22%3A1472562247%2C%22kw%22%3A%22986211331%40qq.com%22%7D%2C%7B%22time%22%3A1472562268%2C%22kw%22%3A%22986211331%22%7D%2C%7B%22time%22%3A1472658905%2C%22kw%22%3A%22%E7%A5%9E%E8%B0%B7%E6%B5%A9%E5%8F%B2%22%7D%2C%7B%22time%22%3A1472737509%2C%22kw%22%3A%22acm%E7%A8%8B%E5%BA%8F%E8%AE%BE%E8%AE%A1%E6%9B%BE%E5%AE%97%E6%A0%B9.pdf%22%7D%2C%7B%22time%22%3A1472739589%2C%22kw%22%3A%22js%E5%9C%A8%E7%BA%BF%E8%BF%90%E8%A1%8C%E7%8E%AF%E5%A2%83%22%7D%2C%7B%22time%22%3A1472742172%2C%22kw%22%3A%22python%20list%E5%AE%9E%E7%8E%B0%22%7D%2C%7B%22time%22%3A1472742203%2C%22kw%22%3A%22python%20list%E5%AE%9E%E7%8E%B0%E5%8E%9F%E7%90%86%22%7D%5D&json=1&p=3&sid=1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340&req=2&csor=0&cb=jQuery110206180327587440435_1478851141424&_=1478851141425
Request Method: GET
Status Code: 200

Query Url
wd:
from: pc_web
rf: 3
hisdata: [{"time":1472485042,"kw":"python descriptors","fq":2},{"time":1472742203,"kw":"python list实现原理"}]
json: 1
p: 3
sid: 1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340
req: 2
csor: 0
cb: jQuery110206180327587440435_1478851141424
_: 1478851141425

Cookie
BIDUPSID: 9D2194F1CB8D1E56272947F6B0E5D47E
PSTM: 1472480791
BAIDUID: 3C64D3C3F1753134D13C33AFD2B38367:FG
BDUSS: 2lQcVh1YlpvMnh2TzRjYlVFdk5QaHF3cjU3QU9iMX5lRDM3LWpzakZLMGNJVFZZSVFBQUFBJCQAAAAAAAAAAAEAAACteXsbYnRfY2hpbGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByUDVgclA1YY
ispeed_lsm: 2
sug: 3
sugstore: 0
ORIGIN: 0
bdime: 0
BD_CK_SAM: 1
PSINO: 1
MCITY: -131:
pgv_pvi: 3797581824
pgv_si: s1725897728
BD_HOME: 0
H_PS_PSSID: 1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340
__bsi: 12012153060652273641_00_7_N_N_12_0303_C02F_N_N_Y_0
BD_UPN: 123253

Request Headers
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36
Referer: https://www.baidu.com/
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cookie: BIDUPSID=9D2194F1CB8D1E56272947F6B0E5D47E; PSTM=1472480791; BAIDUID=3C64D3C3F1753134D13C33AFD2B38367:FG=1; BDUSS=2lQcVh1YlpvMnh2TzRjYlVFdk5QaHF3cjU3QU9iMX5lRDM3LWpzakZLMGNJVFZZSVFBQUFBJCQAAAAAAAAAAAEAAACteXsbYnRfY2hpbGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByUDVgclA1YY; ispeed_lsm=2; sug=3; sugstore=0; ORIGIN=0; bdime=0; BD_CK_SAM=1; PSINO=1; MCITY=-131%3A; pgv_pvi=3797581824; pgv_si=s1725897728; BD_HOME=0; H_PS_PSSID=1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340; __bsi=12012153060652273641_00_7_N_N_12_0303_C02F_N_N_Y_0; BD_UPN=123253

Response Headers
Server: bfe/1.0.8.18
Date: Fri, 11 Nov 2016 07:59:01 GMT
Content-Type: baiduApp/json; v6.27.2.14; charset=UTF-8
Content-Length: 95
Connection: keep-alive
Cache-Control: private
Expires: Fri, 11 Nov 2016 08:59:01 GMT
Set-Cookie: __bsi=11774586423664544879_00_0_I_R_5_0303_C02F_N_I_I_0; expires=Fri, 11-Nov-16 07:59:06 GMT; domain=www.baidu.com; path=/

登录百度:

Request URL: https://passport.baidu.com/v2/api/?login
Request Method: POST
Status Code: 200

Form Data
apiver: v3
callback: parent.bd__pcbs__61n3hb
charset: UTF-8
codestring: jxG2807c1ef85aec1da0283145d4301817f0b9f430753047e7d
countrycode:
crypttype: 12
detect: 1
gid: 935C87C-CB91-4089-88A3-0C19271057C4
idc:
isPhone: false
logLoginType: pc_loginDialog
loginmerge: true
logintype: dialogLogin
mem_pass: on
password: 这个地方是你的密码,加密传输的
ppui_logintime: 13932
quick_user: 0
rsakey: FzhOuTsGs1Uy5INYHcBWULuSgzBjJ55k
safeflg: 0
splogin: rate
staticpage: https://www.baidu.com/cache/user/html/v3Jump.html
subpro:
token: 1c483364b3034b76a9c71f9a185babae
tpl: mn
tt: 1478851406443
u: https://www.baidu.com/
username: xxxxx
verifycode: 随机

Cookie (16) 859byte

Request Headers
Origin: https://www.baidu.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: https://www.baidu.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cookie: BIDUPSID=9D2194F1CB8D1E56272947F6B0E5D47E; PSTM=1472480791; BAIDUID=xxx:FG=1; HISTORY=xxx; UBI=xxx; USERNAMETYPE=1; BDUSS=xxx; PTOKEN=xxx; STOKEN=xxx; Hm_lvt_90056b3f84f90da57dc0f40150f005d5=1474709962,1477285019; PSINO=1; MCITY=-131%3A; pgv_pvi=3797581824; pgv_si=s1725897728; H_PS_PSSID=1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340; HOSUPPORT=1

Response Headers
Cache-Control: public
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 11 Nov 2016 08:03:26 GMT
Expires: 0
Last-Modified: Fri, 11 Nov 2016 08:03:26 8NovGMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Pragma: public
Server: Apache
Set-Cookie: HISTORY=xxx; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com
Set-Cookie: PTOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=baidu.com
Set-Cookie: BDUSS=xxx; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=baidu.com; httponly
Set-Cookie: SAVEUSERID=db90414f8e929f9697edf723; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; httponly
Set-Cookie: USERNAMETYPE=1; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; httponly
Set-Cookie: PTOKEN=xxx; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; secure; httponly
Set-Cookie: STOKEN=64043ad4e803a599fd2b62679787454417ff93b6881091e02cb6a16a94903763; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; secure; httponly
Set-Cookie: UBI=fi_PncwhpxZ%7ETaPjUebleBFJcfa6F-5SpIup-ESjK87LvmLSgz4Dh-UObcKvBcfkWYQeS1jkqy4WX3iHYmTcjxVI49atUCMJ7RvgZT0DyKDligJJ7AF0khR1NQ-HZaQikYnJ89s0Zl4zxEFCfEcp5aaos7W; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; httponly
Set-Cookie: PASSID=HqKEZn; expires=Thu, 12-Nov-2015 08:03:26 GMT; path=/; domain=passport.baidu.com; httponly
Strict-Transport-Security: max-age=31536000
Tracecode: 02064626530962606090111116
Tracecode: 02064626530792538122111116
Vary: Accept-Encoding
Transfer-Encoding: chunked

参考

  1. HEAD/CONNECT等
  2. segmentfault--GET和POST区别
  3. 知乎-GET和POST的区别
  4. 读HTTP协议
  5. 99%的人理解错 HTTP 中 GET 与 POST 的区别
  6. cnblogs-GET POST 区别
  7. 服务器如何解析HTTP请求
posted @ 2016-11-11 16:09  wswang  阅读(11778)  评论(0编辑  收藏