49:
375:, POST requests might be expected to represent new customers, each including their name, address, contact details and so on. Early website designers strayed away from this original concept in two important ways. First, there is no technical reason for a URI to textually describe the
423:
There are times when HTTP GET is less suitable even for data retrieval. An example of this is when a great deal of data would need to be specified in the URL. Browsers and web servers can have limits on the length of the URL that they will handle without truncation or error.
386:. Secondly, given most web browsers' natural limitation to use only GET or POST, designers felt the need to re-purpose POST to do many other data submission and data management tasks, including the alteration of existing records and their deletion.
441:
is used, preventing the data from being intercepted in transit, the browser history and the web server's logs will likely contain the full URL in plaintext, which may be exposed if either system is hacked. In these cases, HTTP POST should be used.
466:
with possibly duplicate keys. Each key-value pair is separated by an '&' character, and each key is separated from its value by an '=' character. Keys and values are both escaped by replacing spaces with the '+' character and then using
346:
As part of a POST request, an arbitrary amount of data of any type can be sent to the server in the body of the request message. A fields header field in the POST request usually indicates the message body's
Internet media type.
328:. By design, the POST request method requests that a web server accepts the data enclosed in the body of the request message, most likely for storing it. It is often used when uploading a file or when submitting a completed
436:
is limited to 2,048 characters in any URL. Equally, HTTP GET should not be used where sensitive information, such as usernames and passwords, have to be submitted along with other data for the request to complete. Even if
416:. Many forms are used to specify more precisely the retrieval of information from the server, without any intention of altering the main database. Search forms, for example, are ideally suited to having
405:, or to write standalone apps, to make use of the other HTTP methods where they are relevant, but outside of this most web forms that submit or alter server data continue to use POST for the purpose.
379:
subordinate to which POST data will be stored. In fact, unless some effort is made, the last part of a URI will more likely describe the web application's processing page and its technology, such as
355:
The world wide Web and HTTP are based on a number of request methods or 'verbs', including POST and GET as well as PUT, DELETE, and several others. Web browsers normally use only GET and POST, but
513:, meaning that multiple identical requests might not have the same effect as transmitting the request only once. POST is therefore suitable for requests which change the
588:
The POST method requests that the target resource process the representation enclosed in the request according to the resource's own specific semantics.
672:
525:
such as search engine indexers normally use the GET and HEAD methods exclusively, to prevent their automated requests from performing such actions.
528:
However, there are reasons why POST is used even for idempotent requests, notably if the request is very long. Due to restrictions on URLs, the
624:
494:
as defined in RFC 2388 (See also RFC 1867 for an earlier experimental version defined as an extension to HTML 2.0 and mentioned in HTML 3.2).
895:
869:
757:
459:
805:
517:
each time they are performed, for example submitting a comment to a blog post or voting in an online poll. GET is defined to be
356:
295:
364:
339:
request method retrieves information from the server. As part of a GET request, some data can be passed within the URL's
521:, with no side-effects, and idempotent operations have "no side effects on second or future requests". For this reason,
238:
368:
336:
233:
140:
58:
714:"Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content - 9.4 Disclosure of Sensitive Information in URIs"
390:
183:
514:
363:
make use of many of the others. POST's place in the range of HTTP methods is to send a representation of a new
269:
676:
264:
259:
402:
254:
360:
428:
of reserved characters in URLs and query strings can significantly increase their length, and while
491:
455:
343:, specifying (for example) search terms, date ranges, or other information that defines the query.
875:
729:
645:
573:
429:
288:
31:
783:
761:
367:
to the server so that it will be stored as a new subordinate of the resource identified by the
865:
846:
463:
433:
857:
721:
565:
533:
468:
425:
63:
753:
174:
325:
389:
Efforts by some influential writers to remedy the first point began as early as 1998.
889:
879:
394:
281:
159:
733:
577:
826:
557:
529:
497:
The special case of a POST to the same page that the form belongs to is known as a
472:
413:
398:
376:
340:
169:
164:
131:
841:
713:
522:
518:
510:
329:
149:
861:
451:
601:
558:"Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content - 4.3.3 POST"
309:
154:
698:
801:
498:
217:
212:
207:
202:
197:
192:
17:
48:
725:
569:
712:
Fielding, R.; Reschke, J. (2014). Fielding, R.; Reschke, J. (eds.).
556:
Fielding, R.; Reschke, J. (2014). Fielding, R.; Reschke, J. (eds.).
397:
and others make it easier for designers to provide their users with
438:
68:
532:
the GET method generates may become very long, especially due to
321:
317:
126:
121:
116:
111:
101:
96:
91:
82:
73:
40:
30:
This article is about the HTTP method. Not to be confused with
382:
802:"Methods GET and POST in HTML forms - what's the difference?"
699:"Maximum URL length is 2,048 characters in Internet Explorer"
854:
Google Cloud
Certified Associate Cloud Engineer Study Guide
487:
Name=Gareth+Wylie&Age=24&Formula=a%2Bb+%3D%3D+21
401:. With regard to the second point, it is possible to use
625:"Using HTTP PUT and DELETE methods in web applications"
490:
Starting with HTML 4.0, forms can also submit data in
432:
can handle up to 4,000 characters in a URL, Microsoft
408:
That is not to say that every web form should specify
450:When a web browser sends a POST request from a
852:"Deploying Storage in Google Cloud Platform",
481:Name: Gareth Wylie Age: 24 Formula: a+b == 21
289:
8:
795:
793:
296:
282:
36:
762:"Hypertext Markup Language - 2.0 - Forms"
551:
549:
856:, Wiley, 2019-03-28, pp. 275–308,
545:
246:
225:
182:
139:
81:
39:
509:Per RFC 7231, the POST method is not
7:
800:Korpela, Jukka (28 September 2003).
381:http://example.com/applicationform.
27:Request method in the HTTP protocol
842:Straightforward definition of POST
25:
478:For example, the key-value pairs
462:". This is a format for encoding
460:application/x-www-form-urlencoded
218:451 Unavailable for Legal Reasons
806:Tampere University of Technology
47:
847:POST verb in HTTP specification
226:Security access control methods
1:
446:Use for submitting web forms
373:http://example.com/customers
239:Digest access authentication
896:Hypertext Transfer Protocol
764:. World Wide Web Consortium
371:. For example, for the URI
234:Basic access authentication
912:
862:10.1002/9781119564409.ch12
391:Web application frameworks
29:
784:"Forms in HTML documents"
600:Berners-Lee, Tim (1998).
602:"Cool URIs don't change"
270:HTTP parameter pollution
247:Security vulnerabilities
673:"REST and Max URL Size"
650:HTML 4.01 Specification
623:Friedman, Mike (2009).
265:HTTP response splitting
505:Affecting server state
335:In contrast, the HTTP
260:HTTP request smuggling
760:(22 September 1995).
454:element, the default
403:client-side scripting
255:HTTP header injection
193:301 Moved Permanently
184:Response status codes
671:Rigsby, Dan (2008).
492:multipart/form-data
456:Internet media type
827:4.2.1 Safe Methods
679:on 4 November 2012
430:Apache HTTP Server
32:Power-on self-test
646:"Form submission"
471:on all other non-
434:Internet Explorer
306:
305:
16:(Redirected from
903:
882:
829:
823:
817:
816:
814:
812:
797:
788:
787:
780:
774:
773:
771:
769:
754:Berners-Lee, Tim
750:
744:
743:
741:
740:
726:10.17487/RFC7231
709:
703:
702:
695:
689:
688:
686:
684:
675:. Archived from
668:
662:
661:
659:
657:
642:
636:
635:
633:
631:
620:
614:
613:
611:
609:
597:
591:
590:
585:
584:
570:10.17487/RFC7231
553:
534:percent-encoding
469:percent-encoding
426:Percent-encoding
419:
411:
385:
374:
298:
291:
284:
51:
37:
21:
911:
910:
906:
905:
904:
902:
901:
900:
886:
885:
872:
851:
838:
833:
832:
824:
820:
810:
808:
799:
798:
791:
782:
781:
777:
767:
765:
752:
751:
747:
738:
736:
711:
710:
706:
697:
696:
692:
682:
680:
670:
669:
665:
655:
653:
644:
643:
639:
629:
627:
622:
621:
617:
607:
605:
599:
598:
594:
582:
580:
555:
554:
547:
542:
507:
488:
484:are encoded as
482:
464:key-value pairs
448:
417:
409:
380:
372:
353:
302:
175:X-Forwarded-For
83:Request methods
35:
28:
23:
22:
15:
12:
11:
5:
909:
907:
899:
898:
888:
887:
884:
883:
870:
849:
844:
837:
836:External links
834:
831:
830:
818:
789:
775:
745:
704:
690:
663:
637:
615:
592:
562:tools.ietf.org
544:
543:
541:
538:
506:
503:
486:
480:
447:
444:
352:
349:
326:World Wide Web
318:request method
304:
303:
301:
300:
293:
286:
278:
275:
274:
273:
272:
267:
262:
257:
249:
248:
244:
243:
242:
241:
236:
228:
227:
223:
222:
221:
220:
215:
210:
205:
200:
195:
187:
186:
180:
179:
178:
177:
172:
167:
162:
157:
152:
144:
143:
137:
136:
135:
134:
129:
124:
119:
114:
109:
104:
99:
94:
86:
85:
79:
78:
77:
76:
71:
66:
61:
53:
52:
44:
43:
26:
24:
14:
13:
10:
9:
6:
4:
3:
2:
908:
897:
894:
893:
891:
881:
877:
873:
871:9781119564409
867:
863:
859:
855:
850:
848:
845:
843:
840:
839:
835:
828:
822:
819:
807:
803:
796:
794:
790:
785:
779:
776:
763:
759:
758:Connolly, Dan
755:
749:
746:
735:
731:
727:
723:
719:
715:
708:
705:
700:
694:
691:
678:
674:
667:
664:
651:
647:
641:
638:
626:
619:
616:
603:
596:
593:
589:
579:
575:
571:
567:
563:
559:
552:
550:
546:
539:
537:
535:
531:
526:
524:
520:
516:
512:
504:
502:
500:
495:
493:
485:
479:
476:
474:
470:
465:
461:
457:
453:
445:
443:
440:
435:
431:
427:
421:
415:
410:method="post"
406:
404:
400:
399:semantic URLs
396:
395:Ruby on Rails
392:
387:
384:
378:
370:
366:
362:
358:
350:
348:
344:
342:
338:
333:
331:
327:
323:
320:supported by
319:
315:
311:
299:
294:
292:
287:
285:
280:
279:
277:
276:
271:
268:
266:
263:
261:
258:
256:
253:
252:
251:
250:
245:
240:
237:
235:
232:
231:
230:
229:
224:
219:
216:
214:
213:404 Not Found
211:
209:
208:403 Forbidden
206:
204:
203:303 See Other
201:
199:
196:
194:
191:
190:
189:
188:
185:
181:
176:
173:
171:
168:
166:
163:
161:
158:
156:
153:
151:
148:
147:
146:
145:
142:
141:Header fields
138:
133:
130:
128:
125:
123:
120:
118:
115:
113:
110:
108:
105:
103:
100:
98:
95:
93:
90:
89:
88:
87:
84:
80:
75:
72:
70:
67:
65:
62:
60:
57:
56:
55:
54:
50:
46:
45:
42:
38:
33:
19:
853:
821:
809:. Retrieved
778:
766:. Retrieved
748:
737:. Retrieved
717:
707:
701:. Microsoft.
693:
681:. Retrieved
677:the original
666:
654:. Retrieved
649:
640:
628:. Retrieved
618:
606:. Retrieved
595:
587:
581:. Retrieved
561:
530:query string
527:
523:web crawlers
508:
496:
489:
483:
477:
475:characters.
473:alphanumeric
449:
422:
418:method="get"
407:
388:
377:web resource
354:
351:Posting data
345:
341:query string
334:
324:used by the
313:
307:
165:HTTP referer
106:
652:. W3C. 1999
519:nullipotent
420:specified.
414:opening tag
365:data entity
64:Compression
59:Persistence
825:RFC 7231,
811:15 January
768:15 January
739:2014-07-25
683:17 October
656:17 October
630:17 October
608:17 October
583:2014-07-24
540:References
511:idempotent
880:241576882
310:computing
198:302 Found
18:HTTP POST
890:Category
734:14399078
718:RFC 7231
578:14399078
499:postback
452:web form
393:such as
330:web form
160:Location
412:in its
359:online
357:RESTful
127:CONNECT
92:OPTIONS
878:
868:
732:
576:
150:Cookie
117:DELETE
876:S2CID
730:S2CID
604:. W3C
574:S2CID
515:state
439:HTTPS
316:is a
132:PATCH
122:TRACE
69:HTTPS
866:ISBN
813:2011
770:2011
685:2012
658:2012
632:2012
610:2012
458:is "
361:apps
322:HTTP
314:POST
155:ETag
107:POST
102:HEAD
74:QUIC
41:HTTP
858:doi
722:doi
566:doi
383:php
369:URI
337:GET
308:In
170:DNT
112:PUT
97:GET
892::
874:,
864:,
804:.
792:^
756:;
728:.
720:.
716:.
648:.
586:.
572:.
564:.
560:.
548:^
536:.
501:.
332:.
312:,
860::
815:.
786:.
772:.
742:.
724::
687:.
660:.
634:.
612:.
568::
297:e
290:t
283:v
34:.
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.