Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[吐槽] post 和 get的区别? #16

Open
Zheaoli opened this issue Mar 5, 2019 · 7 comments
Open

[吐槽] post 和 get的区别? #16

Zheaoli opened this issue Mar 5, 2019 · 7 comments

Comments

@Zheaoli
Copy link

@Zheaoli Zheaoli commented Mar 5, 2019

经典的谬误之一

** 4.GET方式提交的数据最多只能有1024字节,而POST则没有限制 安全性问题,正如在(2)中提到,使用GET的时候,参数会显示在地址栏上,而POST不会**

可能并不知道 ES 的 Query 查询是把请求体写在 Get 的 body 中的?

建议读一下 RFC 2616

@kenwoodjw kenwoodjw closed this Mar 5, 2019
@kenwoodjw kenwoodjw reopened this Mar 5, 2019
@backbp

This comment has been minimized.

Copy link
Contributor

@backbp backbp commented Mar 5, 2019

现在的答案里面说的区别,我理解都只是大家在使用的时候默认约定成这样,但是htp协议本身并没有明确对这些做限制,换句话说,本质上只要HTTP Server能处理,你怎么用GET和POST是你的事情,反正他们使用TCP在传输,但是你肯定不能真的把POST请求的内容全部转为GET的参数,那样浏览器肯定受不了,而且一把浏览器和HTTP Server都会对URL长度进行限制,不然也不会有414错误了。

@levinit

This comment has been minimized.

Copy link

@levinit levinit commented Mar 5, 2019

按语义区别

@Zheaoli

This comment has been minimized.

Copy link
Author

@Zheaoli Zheaoli commented Mar 5, 2019

不错的反驳

这个反驳分几方面来讲

  1. HTTP 414 和 POST/GET 并没有什么关系,是针对所有 URL 的长度限制,这个状态码并不强制要求实现

  2. 你可能还是没有接触过 ElasticSearch 的Query ,他是将请求体放在 Get 的 Request Body 中,这个和你反驳的参数过长的限制是两回事

  3. 长度限制取决于实现,并不是通用1024

@Zheaoli

This comment has been minimized.

Copy link
Author

@Zheaoli Zheaoli commented Mar 5, 2019

我发现你之前很喜欢用本质来描述

那么我跟风一下

Get 和 Post 本质上的区别是语义差异以及由语义差异所衍生的其余差异(如缓存行为),除此之外我们所看到的差异大部分由具体客户端和服务端的实现差异所造成的

@backbp

This comment has been minimized.

Copy link
Contributor

@backbp backbp commented Mar 5, 2019

所以,是不是可以理解为,语义的区别就是使用者默认GET是请求数据,POST是请求上传数据,但是如果非要用GET做POST的事情,并且服务端也支持,也是可以的

@Zheaoli

This comment has been minimized.

Copy link
Author

@Zheaoli Zheaoli commented Mar 5, 2019

恩,可以这么认为

@laike9m

This comment has been minimized.

Copy link

@laike9m laike9m commented Mar 5, 2019

这个确实是经典错误了。
RFC7231 根本就没有规定实现层面的事情,例如你在文档里写的:

2.在客户端,GET方式在通过URL提交数据,数据在URL中可以看到,POST方式,数据放置在HTML——HEADER内提交 3.对于GET方式,服务器端用Request.QueryString获取变量的值,对于POST方式,服务器端用Request.Form获取提交的数据

所以"GET vs POST区别"的标答很简单:语义不同。概括起来的话就是这张

   +---------+-------------------------------------------------+-------+
   | Method  | Description                                     | Sec.  |
   +---------+-------------------------------------------------+-------+
   | GET     | Transfer a current representation of the target | 4.3.1 |
   |         | resource.                                       |       |
   | HEAD    | Same as GET, but only transfer the status line  | 4.3.2 |
   |         | and header section.                             |       |
   | POST    | Perform resource-specific processing on the     | 4.3.3 |
   |         | request payload.                                |       |
   | PUT     | Replace all current representations of the      | 4.3.4 |
   |         | target resource with the request payload.       |       |
   | DELETE  | Remove all current representations of the       | 4.3.5 |
   |         | target resource.                                |       |
   | CONNECT | Establish a tunnel to the server identified by  | 4.3.6 |
   |         | the target resource.                            |       |
   | OPTIONS | Describe the communication options for the      | 4.3.7 |
   |         | target resource.                                |       |
   | TRACE   | Perform a message loop-back test along the path | 4.3.8 |
   |         | to the target resource.                         |       |
   +---------+-------------------------------------------------+-------+
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.