GET和POST的區別
前言
實際上這個問題總是會被問道,日常也常用到這兩種方法,知道使用的場景,但是一直沒有好好總結過,今天一並好好看看吧。
HTTP的請求類型
HTTP協議實際上是一種標准,規范,建議大家怎樣去做,也方便一些底層實現,就跟交通規則一樣,也就是說你不遵守也可以,你也可以使用其他方法實現,這一點可以看看參考鏈接5(評論也要看),下面說正題。
客戶端對服務器的請求類型主要有四種:
- GET(從服務器獲取)
- POST(向服務器發送請求數據)
- PUT(更新)
- DELETE(刪除)
一般來講,分別對應着查、增、更、刪四種操作,不過實際上四種操作一般情況下通過GET和POST就可以完成了,所以日常使用最多的也都是這兩個。
其他的用的比較少的還有一些方法,如HEAD,CONNECT等,詳細的可以去看看參考鏈接1.
POST和GET區別
- GET被瀏覽器強制支持(POST是可選的,不過一般都支持)
- GET是冪等的,POST非冪等
- GET可以被瀏覽器緩存,POST不可以
- GET請求是『安全』的,POST不安全
- POST相對來說比GET要『安全』一些
- 參數大小(理想和現實)
冪等
冪等(idempotent、idempotence)是一個數學與計算機學概念,常見於抽象代數中。
在編程中.一個冪等操作的特點是其任意多次執行所產生的影響均與一次執行的影響相同。冪等函數,或冪等方法,是指可以使用相同參數重復執行,並能獲得相同結果的函數。這些函數不會影響系統狀態,也不用擔心重復執行會對系統造成改變。百度百科
例如abs(-1)=abs(abs(-1)),這里就是就是說每次GET得到的數據是不變的。
GET可以被緩存
比方說通過GET請求了某個url,然后一些參數都明確的附在url后面了,查看瀏覽器歷史訪問的時候就可以看見了,一些文件也在訪問的同時被緩存了,而一般POST的則不會。
注:RFC中POST請求也可以被緩存,但是瀏覽器一般也不支持,就跟TCP/IP和OSI模型一樣,理想和現實的區別
GET相對『安全』
這里的安全指的是GET不會改變服務器里的數據,而POST則一般會更改數據
POST相對『安全』
這里是說相對『安全』,url中會附帶GET請求的一些參數,而POST的在url中則看不到。
注:抓包都能看見,都是明文傳輸
參數
RFC中並沒有對請求的參數做大小限制,但是實際上瀏覽器對url的長度都有限制,一般對POST的數據大小也會做一些限制,所以也是標准和瀏覽器不一致的一個表現。
抓包示例
訪問百度首頁:
Request URL: https://www.baidu.com/his?wd=&from=pc_web&rf=3&hisdata=%5B%7B%22time%22%3A1472485042%2C%22kw%22%3A%22python%20descriptors%22%2C%22fq%22%3A2%7D%2C%7B%22time%22%3A1472485154%2C%22kw%22%3A%22python%20%E6%8F%8F%E8%BF%B0%E7%AC%A6%22%7D%2C%7B%22time%22%3A1472562247%2C%22kw%22%3A%22986211331%40qq.com%22%7D%2C%7B%22time%22%3A1472562268%2C%22kw%22%3A%22986211331%22%7D%2C%7B%22time%22%3A1472658905%2C%22kw%22%3A%22%E7%A5%9E%E8%B0%B7%E6%B5%A9%E5%8F%B2%22%7D%2C%7B%22time%22%3A1472737509%2C%22kw%22%3A%22acm%E7%A8%8B%E5%BA%8F%E8%AE%BE%E8%AE%A1%E6%9B%BE%E5%AE%97%E6%A0%B9.pdf%22%7D%2C%7B%22time%22%3A1472739589%2C%22kw%22%3A%22js%E5%9C%A8%E7%BA%BF%E8%BF%90%E8%A1%8C%E7%8E%AF%E5%A2%83%22%7D%2C%7B%22time%22%3A1472742172%2C%22kw%22%3A%22python%20list%E5%AE%9E%E7%8E%B0%22%7D%2C%7B%22time%22%3A1472742203%2C%22kw%22%3A%22python%20list%E5%AE%9E%E7%8E%B0%E5%8E%9F%E7%90%86%22%7D%5D&json=1&p=3&sid=1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340&req=2&csor=0&cb=jQuery110206180327587440435_1478851141424&_=1478851141425
Request Method: GET
Status Code: 200
Query Url
wd:
from: pc_web
rf: 3
hisdata: [{"time":1472485042,"kw":"python descriptors","fq":2},{"time":1472742203,"kw":"python list實現原理"}]
json: 1
p: 3
sid: 1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340
req: 2
csor: 0
cb: jQuery110206180327587440435_1478851141424
_: 1478851141425
Cookie
BIDUPSID: 9D2194F1CB8D1E56272947F6B0E5D47E
PSTM: 1472480791
BAIDUID: 3C64D3C3F1753134D13C33AFD2B38367:FG
BDUSS: 2lQcVh1YlpvMnh2TzRjYlVFdk5QaHF3cjU3QU9iMX5lRDM3LWpzakZLMGNJVFZZSVFBQUFBJCQAAAAAAAAAAAEAAACteXsbYnRfY2hpbGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByUDVgclA1YY
ispeed_lsm: 2
sug: 3
sugstore: 0
ORIGIN: 0
bdime: 0
BD_CK_SAM: 1
PSINO: 1
MCITY: -131:
pgv_pvi: 3797581824
pgv_si: s1725897728
BD_HOME: 0
H_PS_PSSID: 1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340
__bsi: 12012153060652273641_00_7_N_N_12_0303_C02F_N_N_Y_0
BD_UPN: 123253
Request Headers
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36
Referer: https://www.baidu.com/
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cookie: BIDUPSID=9D2194F1CB8D1E56272947F6B0E5D47E; PSTM=1472480791; BAIDUID=3C64D3C3F1753134D13C33AFD2B38367:FG=1; BDUSS=2lQcVh1YlpvMnh2TzRjYlVFdk5QaHF3cjU3QU9iMX5lRDM3LWpzakZLMGNJVFZZSVFBQUFBJCQAAAAAAAAAAAEAAACteXsbYnRfY2hpbGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByUDVgclA1YY; ispeed_lsm=2; sug=3; sugstore=0; ORIGIN=0; bdime=0; BD_CK_SAM=1; PSINO=1; MCITY=-131%3A; pgv_pvi=3797581824; pgv_si=s1725897728; BD_HOME=0; H_PS_PSSID=1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340; __bsi=12012153060652273641_00_7_N_N_12_0303_C02F_N_N_Y_0; BD_UPN=123253
Response Headers
Server: bfe/1.0.8.18
Date: Fri, 11 Nov 2016 07:59:01 GMT
Content-Type: baiduApp/json; v6.27.2.14; charset=UTF-8
Content-Length: 95
Connection: keep-alive
Cache-Control: private
Expires: Fri, 11 Nov 2016 08:59:01 GMT
Set-Cookie: __bsi=11774586423664544879_00_0_I_R_5_0303_C02F_N_I_I_0; expires=Fri, 11-Nov-16 07:59:06 GMT; domain=www.baidu.com; path=/
登錄百度:
Request URL: https://passport.baidu.com/v2/api/?login
Request Method: POST
Status Code: 200
Form Data
apiver: v3
callback: parent.bd__pcbs__61n3hb
charset: UTF-8
codestring: jxG2807c1ef85aec1da0283145d4301817f0b9f430753047e7d
countrycode:
crypttype: 12
detect: 1
gid: 935C87C-CB91-4089-88A3-0C19271057C4
idc:
isPhone: false
logLoginType: pc_loginDialog
loginmerge: true
logintype: dialogLogin
mem_pass: on
password: 這個地方是你的密碼,加密傳輸的
ppui_logintime: 13932
quick_user: 0
rsakey: FzhOuTsGs1Uy5INYHcBWULuSgzBjJ55k
safeflg: 0
splogin: rate
staticpage: https://www.baidu.com/cache/user/html/v3Jump.html
subpro:
token: 1c483364b3034b76a9c71f9a185babae
tpl: mn
tt: 1478851406443
u: https://www.baidu.com/
username: xxxxx
verifycode: 隨機
Cookie (16) 859byte
Request Headers
Origin: https://www.baidu.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: https://www.baidu.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cookie: BIDUPSID=9D2194F1CB8D1E56272947F6B0E5D47E; PSTM=1472480791; BAIDUID=xxx:FG=1; HISTORY=xxx; UBI=xxx; USERNAMETYPE=1; BDUSS=xxx; PTOKEN=xxx; STOKEN=xxx; Hm_lvt_90056b3f84f90da57dc0f40150f005d5=1474709962,1477285019; PSINO=1; MCITY=-131%3A; pgv_pvi=3797581824; pgv_si=s1725897728; H_PS_PSSID=1423_21080_17001_21454_21408_21530_21394_21377_21525_21193_21340; HOSUPPORT=1
Response Headers
Cache-Control: public
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 11 Nov 2016 08:03:26 GMT
Expires: 0
Last-Modified: Fri, 11 Nov 2016 08:03:26 8NovGMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Pragma: public
Server: Apache
Set-Cookie: HISTORY=xxx; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com
Set-Cookie: PTOKEN=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=baidu.com
Set-Cookie: BDUSS=xxx; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=baidu.com; httponly
Set-Cookie: SAVEUSERID=db90414f8e929f9697edf723; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; httponly
Set-Cookie: USERNAMETYPE=1; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; httponly
Set-Cookie: PTOKEN=xxx; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; secure; httponly
Set-Cookie: STOKEN=64043ad4e803a599fd2b62679787454417ff93b6881091e02cb6a16a94903763; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; secure; httponly
Set-Cookie: UBI=fi_PncwhpxZ%7ETaPjUebleBFJcfa6F-5SpIup-ESjK87LvmLSgz4Dh-UObcKvBcfkWYQeS1jkqy4WX3iHYmTcjxVI49atUCMJ7RvgZT0DyKDligJJ7AF0khR1NQ-HZaQikYnJ89s0Zl4zxEFCfEcp5aaos7W; expires=Tue, 28-Jan-2025 08:03:26 GMT; path=/; domain=passport.baidu.com; httponly
Set-Cookie: PASSID=HqKEZn; expires=Thu, 12-Nov-2015 08:03:26 GMT; path=/; domain=passport.baidu.com; httponly
Strict-Transport-Security: max-age=31536000
Tracecode: 02064626530962606090111116
Tracecode: 02064626530792538122111116
Vary: Accept-Encoding
Transfer-Encoding: chunked