PHP/HTML Form Processing

GET should be used for Resource Identification

Besides the visibility of data in the browser's address bar, the security concerns and the data size limit, the GET method has one prime objective:

The GET method is used only for resource identification. It does not cause any change on the server. When we open a URL, the browser uses the GET method to fetch the resource. An HTTP request that uses the GET method should not modify a resource on the server but only fetch it. These are protocol recommendations. But remember, there is a difference between how a developer uses a method and what the protocol recommends.

In an HTTP request, methods whose semantics are read-only are called "Safe Methods"; these include HEAD, OPTIONS and TRACE. See RFC7231 for details.

Search engines only use safe methods while crawling the web.

Idempotent Methods, Safe Methods, PUT and DELETE

A request method is called idempotent when the intended effect on the server of multiple identical requests is the same as the effect of a single such request.

PUT, DELETE and "Safe Methods" are idempotent methods.

Requests that use idempotent methods can be repeated automatically if a failure occurs before the client (browser) is able to read the server's response.

For example, if a client sends a PUT or DELETE request and the underlying connection is closed before any response is received, then the client can establish a new connection and retry the idempotent request. It knows that repeating the request will have the same effect, even if the original request succeeded (though the response might differ). See RFC7231 for details.

Safe methods can be cached and pre-fetched without any repercussions for the resource.
An idempotent method has the same effect on the server whether it is called once or ten times.

Examples of Idempotent Methods are:

PUT, DELETE, OPTIONS, HEAD, GET

Default Media / Content Type of POST

The server sends a Content-Type header to help the HTTP client process the response properly. This is the payload content type. When the browser submits data in a payload, it also sets the Content-Type header. The server uses this header to parse the request payload properly.

By default, when using POST, the payload contains key-value pairs separated by &, where key duplication is allowed.

Content-Type (aka Media Type and MIME type) is a two-part identifier for file or data formats on the internet. See RFC2045 for Multipurpose Internet Mail Extensions (MIME) details.

Content-Type is composed of a Type, a Sub Type, and an optional Suffix and Parameters.
e.g. the HTML content type is: text/html; charset=UTF-8
Top Level Types: application, audio, example, image, message, model, text, video.
Some registered suffixes are +xml, +json, +zip, etc.
See RFC6839 for details.

Default Media Type for POST is: application/x-www-form-urlencoded

x-www-form-urlencoded

URI Encoding (aka Percent Encoding) is a mechanism for encoding information in a URI under special circumstances.

Every character allowed in a URI must be either reserved, unreserved, or a percent character.
Reserved: ! * ' ( ) ; : @ & = + $ , / ? # [ ] (see RFC3986 for details)
Unreserved: A-Z a-z - _ . ~
All other characters in a URI must be percent encoded.
Percent Encoding means: converting the character to its corresponding byte value in ASCII and then representing that value as a pair of hexadecimal digits. The digits, preceded by a percent sign ("%"), which is used as an escape character, are then used in the URI in place of the reserved character.

For a non-ASCII character, it is typically converted to its byte sequence in UTF-8 and then each byte value is represented as above.
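
An added example in Python (not from the original post): a strict decoder for the default POST payload described above. It percent-decodes UTF-8, keeps repeated keys in order and reports them, since components that each pick a different occurrence of a repeated key can disagree about what was submitted. The function names and the sample payload are constructed for illustration; the unreserved set follows RFC 3986 and includes the digits 0-9.

```python
import re

# RFC 3986 unreserved characters (letters, digits, - _ . ~).
UNRESERVED = frozenset(
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_.~"
)
_BAD_ESCAPE = re.compile(r"%(?![0-9A-Fa-f]{2})")  # '%' not followed by 2 hex digits


def percent_encode(text: str) -> str:
    """URI percent-encoding: each non-unreserved char becomes %XX per UTF-8 byte."""
    return "".join(
        ch if ch in UNRESERVED else "".join(f"%{b:02X}" for b in ch.encode("utf-8"))
        for ch in text
    )


def percent_decode(token: str) -> str:
    """Decode one form token; reject malformed escapes and invalid UTF-8."""
    if _BAD_ESCAPE.search(token):
        raise ValueError(f"malformed percent escape in {token!r}")
    token = token.replace("+", " ")  # form encoding writes a space as '+'
    raw = bytearray()
    i = 0
    while i < len(token):
        if token[i] == "%":
            raw.append(int(token[i + 1:i + 3], 16))
            i += 3
        else:
            raw += token[i].encode("utf-8")
            i += 1
    return raw.decode("utf-8")  # UnicodeDecodeError is a ValueError subclass


def parse_form(body: str):
    """Return (pairs, duplicated_keys); pairs keep order and every duplicate."""
    pairs = []
    for field in filter(None, body.split("&")):
        key, _, value = field.partition("=")
        pairs.append((percent_decode(key), percent_decode(value)))
    seen, dupes = set(), []
    for key, _ in pairs:
        if key in seen and key not in dupes:
            dupes.append(key)
        seen.add(key)
    return pairs, dupes


# Constructed sample payload: 'role' is sent twice, 'name' carries UTF-8 bytes.
SAMPLE = "name=Jos%C3%A9+P&role=user&role=admin&q=a%26b%3Dc"
```

A server-side handler can reject the request, or log it, whenever `parse_form` returns a non-empty list of duplicated keys for fields that are expected to appear once.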


