1. Overview

A web browser communicates with the server typically using one of the two HTTP (Hypertext Transfer Protocol) methods — GET and POST.

2. Definition of GET and POST

GET requests a representation of the specified resource.

POST submits data to be processed (e.g., from an HTML form) to the identified resource.

3. Use of GET and POST

In GET method the data is sent as URL parameters that are usually strings of name and value pairs separated by ampersands( & ).

GET method should not be used when sending passwords or other sensitive information.

In POST method the data is sent to the server as a package in a separate communication with the processing script. Data sent through POST method will not visible in the URL.

4. Representation of GET and POST

A URL with GET data will look like this:

http://www.xyz.com/action.php?firstname=john&lastname=smith

Query String(name/value pairs) is sent in the HTTP message body of a POST request:

POST /action.php HTTP/1.1 Host: xyz.com firstname=john&lastname=smith

5. Restrictions on data length

In GET method data is in the URL and URL length is restricted. A safe URL length limit is often 2048 characters but varies by browser and web server.

There are not any restrictions in case of POST method.

6. Security

GET is less secure compared to POST because data sent is part of the URL. So it’s saved in browser history and server logs in plaintext.

POST is a little safer than GET because the parameters are not stored in browser history or in web server logs.

7. Encoding type

GET:application/x-www-form-urlencoded

POST: multipart/form-data or application/x-www-form-urlencoded. Use multipart encoding for binary data.