一個簡單的Web登錄程序 GET和POST的區別
JSP程序
首先,寫一個JSP程序,提交表單:
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'login.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <form action="Login"> username: <input type="text" name="username"><br> password: <input type="password" name="password"><br> <input type="submit" value="submit"> <input type="reset" value="reset"> </form> </body> </html>
注意action中是web.xml中的url-pattern,(這里給出相對路徑),這樣,提交之后才能啟動相應的Servlet程序。
Servlet程序
然后,寫一個Servlet程序,將收到的數據顯示出來:
package com.shengqishiwind.servlet; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LoginServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { processLogin(req, resp); } private void processLogin(HttpServletRequest req, HttpServletResponse resp) throws IOException { String username = req.getParameter("username"); String password = req.getParameter("password"); resp.setContentType("text/html"); PrintWriter out = resp.getWriter(); out.println("<html><head><title>Login Result</title></head>"); out.println("<body> username: " + username + "<br>"); out.println("password: " + password + "</body></html>"); out.flush(); } }
web.xml
在web.xml中建立好映射關系:
<?xml version="1.0" encoding="UTF-8"?> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <servlet> <servlet-name>LoginResult</servlet-name> <servlet-class>com.shengqishiwind.servlet.LoginServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>LoginResult</servlet-name><!-- servlet-name 要和上面的保持一致--> <url-pattern>/Login</url-pattern><!-- 注意前面要有斜線--> </servlet-mapping> </web-app>
程序運行
首先,需要在服務器的server.xml中配置好路徑。Host標簽中:
<Context path="/HelloLogin" docBase="E:\MDD\MyEclipseWorkspace\HelloLogin\WebRoot" reloadable="true"/>
然后,啟動Tomcat服務器(運行startup.bat)。
在瀏覽器中輸入:http://localhost:8080/HelloLogin/login.jsp
顯示登錄頁面:
輸入后點擊submit,進入下一個頁面:
注意此時瀏覽器地址欄中顯示:http://localhost:8080/HelloLogin/Login?username=shengqishi&password=wind
get和post方法
上面,瀏覽器中地址欄顯示的是:
http://localhost:8080/HelloLogin/Login?username=shengqishi&password=wind
這樣豈不是直接將用戶名和密碼暴露出來了?
在jsp的form表單中,有這樣一個屬性:method,它的默認值是get,如果將它設置為post,則提交表單后,地址欄不會有用戶名和密碼的顯示。
但是Servlet程序中需要提供doPost()的實現。
改動如下:
將JSP程序改為:
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'login.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <form action="Login" method="post"> username: <input type="text" name="username"><br> password: <input type="password" name="password"><br> <input type="submit" value="submit"> <input type="reset" value="reset"> </form> </body> </html>
Servlet程序改為:
package com.shengqishiwind.servlet; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LoginServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { processLogin(req, resp); } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { processLogin(req, resp); } private void processLogin(HttpServletRequest req, HttpServletResponse resp) throws IOException { String username = req.getParameter("username"); String password = req.getParameter("password"); resp.setContentType("text/html"); PrintWriter out = resp.getWriter(); out.println("<html><head><title>Login Result</title></head>"); out.println("<body> username: " + username + "<br>"); out.println("password: " + password + "</body></html>"); out.flush(); } }
再次啟動瀏覽器,輸入:http://localhost:8080/HelloLogin/login.jsp
提交后,地址欄中顯示的是:http://localhost:8080/HelloLogin/Login
后面沒有用戶名和密碼信息。
這是因為POST請求將請求參數不是作為請求URL的一部分,而是將請求參數作為請求體的一部分(兩個回車之后附加請求參數)。
POST方法向服務器發送請求,要求服務器接受附在后面的數據。POST方法在表單提交的時候用的最多。
總結:
get與post方法之間的差別:
1.瀏覽器地址欄呈現的結果不同(表象);
2.真正的原因在於向服務器端發送請求時的形式是不同的。
3.get的請求格式:
GET /test/LoginServlet?username=hello&password=world HTTP/1.1
4.post的請求格式:
POST /test/LoginServlet HTTP/1.1
Connection: Keep-Alive
username=hello&password=world
5.通過瀏覽器進行文件上傳時,一定要使用post方式而絕不能使用get方式。
6.通過瀏覽器地址欄輸入網址的方式來訪問服務器端資源,全部使用的是get方法請求的。
參考資料
聖思園張龍老師視頻教程。