When to use HTTP GET vs POST?
Skills:
API Design80%
Key Takeaways
The video explains the differences between HTTP GET and POST methods, their use cases, and benefits, covering topics such as request limits, data handling, safety, idempotency, caching, and security.
Full Transcript
get and post are the most popular HTTP methods used on the web each carries its own differences and properties it can get really confusing sometimes to choose when to use post / guess if you're a web developer right and in this video we'll explain the differences use cases and the benefits of using get versus post this is coming up guys if you're new here welcome my name is Hussein and then this channel we discussed all sorts of software engineering by example so if you want to become a better software engineer consider subscribing check out our other content in this channel and with that said let's just jump into the video the first thing we need to discuss is actually what are these get and post these are nothing but requests HTTP requests and the anatomy of HTTP requests are actually mainly four components so the first part is the URL I am requesting to fetch twitter.com I'm requesting to create a new tweet twitter.com slash create right so this is the URL or the URI so there is a universal resource identifier slash link the second part of a request is what kind of method do you send to the server is it get is it post as a port is it delete is it options is it head so there are a lot of methods in in each of this request type yep so headers is the third part of this that's another part of the HTTP request and these are like content type for example what kind of content are you sending me to through this request right or cookies for examples to another part of headers well a lot of other as you can check in the mail in the NPAC page body is the fourth part and some methods have body some methadone and body is actually where the content lie right if you want to send me if you only upload a file for example all this file chopped up and goes into the body and this is getting sent to the to the server essentially all right some methadone use body we're gonna talk to this in a minute now so four part URL method type headers and body so memorize those because we're gonna use them and the next slide because we're going to talk about when to use get versus post and these are there are a lot of properties we need to talk about in order to really as a web developer know what is good and what is put even a back-end developer need to know these things because at one point you're gonna build a web server right so you're gonna configure the web server unity understand these two things yeah so the first thing we're gonna do is body get does not have a body right vs. post does so when you try to send data that means you're just now you're limited to how much data you can send to the server through get requests right and to understand this there's the only part that you can send data in is actually the first part we discussed is the URL and that's it so you if you want to send a request like get requests you're wearing the day the server like google.com for example you're gonna do a search Google start adding these URL parameters are there that URL like you equal the search term right and these are the only place you can really send data through get it everything goes through the URL if you want to send information it goes to the URL you don't have any body unfortunately post and the other hand you can send as much data as you want you have the entire URL plus the body so post half body get doesn't there are a quest limit because it only uses the URL there is a limit to the URL length obviously and that guys this is 2048 byte standardly but at the back end though some web servers have more limits on that right there's like Tom Catalan is have I think a thousand something while I is information that the web server I don't then turn it in for me system web server for Microsoft has this limit right 2048 and then actually accurate limit I think in my opinion alright so there is a limit to how much data you can send through get right and this is very important post you don't have a limit you have the full 2048 plus the entire body you can sedate in so you can you can just slam data in as much as you want data type since get only uses the URL and the URL you cannot put you utf-8 characters it's only ASCII right and because you can only send ASCII characters they are just you kind of limit it to what do you what kind of data you can send so if you're making a request and you want likes to send some localized this like Arabic or Japanese then you might want to use post instead okay and and just put it in the body instead of the get write save so what does that mean right get is safe and post is not okay what does that mean so save is not worried really what you think here it's not like unsecured write save is the definition of a safe HTTP method is a method that does not change the resource that is requested so for example if I go to google.com I'm not changing that resource if I am requesting my user profile right in Twitter / profile or Instagram I'm not really changing anything I didn't update my name or anything I'm just asking hey give me my profile right so that is called the safe method post on the other hand by definition changes the back end because post the definition of post is a I'm gonna post something now I'm posting up new blog post or creating a new entry like creating a new to-do list right everything that has to do changing the server right so that's the post that's the definition of post obviously guys you can break these rules as a developer but it's good to follow these rules because bro are built on these rules and they optimize their fetching and caching based on these roses so if you're not following the rules Europe application will suffer as a performance right so get only reads post changes right that doesn't mean post cannot read post also reads right no we're gonna come to that as well so safeness get a safe post is not safe because it changes the backend and that will bring us to other point which is idempotency so what is that is that word mean that's very computer science a word so idempotency is the ability to make multiple requests to the same rico resource right without changing the request so they are identical right so if I make multiple requests to like I can make as many get requests as possible to my profile and nothing will change right it's kind of different than save net post in the other hand if I make a post request I am always changing the back end I'm let's say creating a new to-do list like slash to do slash to do right I am always every call to post I'm gonna change the back end this loud sounds like it's kind of similar to save but it's not so other method there are methods that changes the back end but they are idempotent right things like put updating that the profile like I am gonna update my email so if you send an email hey update my profiles this is my new email you can send this request as many times as you want because we're gonna always overwrite your record with the new email which is the same email so it is idempotent it doesn't change the resource per say the second time but you it is not safe because this resource has changed does that make sense guys so there's like a little bit of difference ask me of the comments question if you got that I can explain more because of the safeness idempotency you can do caching improve so let's explain this - caching is the ability for the browser to keep responses came in coming back from the server without making another request and this is the popular thing is etags I'm gonna reference a video here that we made full videos on nuit tags and how they work but essentially in a nutshell TLDR is you're gonna make a request if you make a request to to a server and that resource returned the profile for example right and the server returns some sort of an of an md5 or a hash or a sha and the client keeps that sha keeps that tag and then what is what does it do is like with every request to the same resource like this is the same profile for example it sends as hey that's the last hash that I got from you server tell me if it change if it changed return it 200 okay and I'm gonna I'm gonna and return the whole content for me if it didn't just return a 304 code and I'll know and three or four code means content not not modified and if the moment doesn't does the the card know Zoo or call I'm gonna use the cached version so that's caching it in very nutshell right but again check out that video to know more about caching pretty fetching is the ability of especially with images like the browser makes smart choices that okay there are there are like the browser especially what's crawling right so I can prefetch some of these resources and keep them on the server like this is without the client actually making this request the browser makes the decision to prefetch these things and keep them locally especially with images when you scroll down you will only load images that we really need to see and the browser will make decision to prefetch only things that the user will absolutely need all right obviously caching prefetching get or perfect for those because again it comes back to the safeness and idempotency right caching because it's because it's safe I can make a get request and cache that right with post you can never catch that right imagine like sending a post request to change your profile and this gets request and get cached so the next time you update your profile you don't get anything because hey I just cashed your post request you just made the same request again I'm not gonna change that no go ahead and update my profile I need to send my privacy to like I want to make my account private please do make my account private but you just did I don't care right so some requests cannot be cache some requests cannot break fetch imagine images are postable oh my god you'll have the worse web experience ever bookmarkable because this actually this point comes back to this thing all right which is the data request limited remember guys all the good request gets sent through the URL so you gotta have a long URL with a long set of parameters and you've seen those guys right so if you copy that URL bookmark it and then visit it later you're gonna get to the same page more or less right and the reason is because they get everything is in the URL there is nothing in the body so every everyone sees this URL and the browser can just takes the entire URL you can make short or you can make tiny URLs of all of them because of this property because of github it puts all the data in the URL and this is kind of powerful it has its limits obviously of this 2048 but it allows you to bookmark them it allows them to add into history it allows you to book a keep keep those make them short URLs and visit them later so these are the ability of the gets and another post point I want it just make to make just before we move when you go to any browser WWE will determine you hit enter this is always a get request almost all clients all users just make most of the time make get request because if you click on a link it's a get if you click on a link hyperlink that's a get request if you visited a page it's a get request if you click on a button that executes JavaScript there might be a post you need to really look at the network and see how it go but most users make gets requests in general okay so get our bookmark bookmarkable post obviously or not you cannot bookmark the URL of like for example transferring a bank regular strands for money that's a post request because you've made a change right so that's why you go to your bank and you say hey I want to transfer money and you go hit back and you hit back the browser says by the way you just you want to rerun this post request which is like kind of transferring the money still if post request where I'd important and the browser just send it again you're gonna run out of money guys because the browser would just send the same post request and you will transfer the money twice that is horrible right that's why post you really need to be careful with post ok security I added a question mark I'm really on defensive because of this but essentially gate is not secure no because it not because post is secured not at all repose is not secure by any means it's just get is less secure I like that term like so it's less secure than post because if you feel like make a get request and you put your password then guess what guys get but come back to this one it will add today URL because it has no place other place jinda and just sticking on the URL so if you if you're sending and of course with a your password in it then it's gonna show up in the URL it's gonna be bookmarked it's gonna be added to your browser history it's gonna be added to your I don't know if you made it into it Aurel everybody can see this it's very visible where post can I just make it and in the body so it's not as obvious it's not in the URL but a very simple sniff can show you this data that's why you have to use HTTPS okay guys I think that's it for us today but in general if you if you want to make get requests versus post ask yourself these questions if your method or if your call is reading only most of the time you want to use get right because you want to cache this read request right but sometimes your get requests have a lot of parameter and we have an especially in ArcGIS server and the objects platform in israei there is a lot of methods like trays that takes a huge amount of parameters like trace for example trace takes a lot of information like a lot of knobs a lot of configuration they you can configure your tracing a operation right so you can take you can specify the version you can specify I don't know properties you can spit a configuration input you can specify a lot of data there so git does not fit this 2048 does not fit despite this operation being a read operation so even though it's safe and I'd important sometimes you cannot use git unfortunately because of the nature of your request the nature of your request makes you need to send a lot of data to the server to configure something right so so in this case you have to use post because of the limits thing that's that's the only thing right so another thing is if you're almost like changing anything in the server without any thought always use post right it really depends if you're using put gonna be fans if you're updating a resource use port but most of the film posters just say as just safe to use just use post and then you will if you're uploading a file obviously use post type because you're you don't really need to cash this information right you just you're just uploading a file just sending information over there's no limit if you want to send binary there they would upload as use as you said use post if you want to send JSON over use post you cannot use gate and permanently well you can't put a jason in the urls kind of ugly but I prefer to use post because Jason's get to get large get to get large and just put them in the body right so if you request making a huge request most of the time use post but if you want you might want to change your API to make it almost cache AB all right because caching is good so if you are sending a lot of information may be considered redesigning your API to kind of I don't know break it down into multiple api's so you can send more information so he get benefit a benefit of caching and etag and and pre-fishing and all that good stuff all right obviously if you if you need your people to bookmark a URL obviously you need to use the yet that's YouTube for example if you're gonna imagine YouTube without the URLs of the video you cannot you cannot bookmark a URL or you cannot share it as a total and social media right and the YouTube puts the tag of the video in the parameter and then you've seen it guys like youtube.com slash and then I think V equal and some number right and that video URL you can you can literally if you're watching this on YouTube obviously you can see that and then it has some sort of a ID and that ID is a get operation it has to be good operation there is no other way if you don't use get then you cannot share this URL you cannot put it in social media people can't get back to it you can a book market you can tinyurl it right you cannot cache it well cashing YouTube is kinda sketchy but you can get you can catch certain information of the YouTube obviously it depends if it changed or not as we discussed but this isn't a nutshell get versus post guys so I always ask yourself these questions does my request have a lot of data yes use post no probably use get right and if it if it's if it's reading only most of the time use get sometimes you have to use positively or exceed in that limit if you're sending a none ASCII only you don't have any choice you have to use post if you're if you're safe if you're if your request changes the back end of any chance then we use post if it doesn't probably use get right again you're gonna run into this limit of this 2048 you you gonna tread lightly as Walter Ward says so idempotency obviously caching and prefetching bookmarking and obviously security which is kinda hey yeah alright guys hope you enjoy this episode I am gonna see you on the next one you guys stay awesome
Original Description
HTTP methods Get and POST are the most popular http methods used on the web. Each carries its own differences and properties. It can confusing to get to choose when to use POST over GET. In this video we will explain the differences, use cases and the benefits of using GET and POST.
HTTP Request
Lets start with explaining the anatomy of a HTTP requests, the main components of a request
It has. URL
it has method type,
headers content-type, cookies erc
and body the content
Property GET POST
Body No Yes
Data Request Limit Yes (2048 bytes) No limit
Data Type Ascii only Any data
Safe Yes No
Idempotent Yes No
Caching and Prefetching Yes No
Bookmarkable Yes No
Security? No Yes
Body
GET Requests Dont have Body
Post does
Data request limit
Url + body
Data type
Get Only ascii
Get URL only (2048)
POST no limit
Caching and prefetching
Safe
Modifies the resource
Idempotency
Bookmark
You can copy the url share it to twitter and anyone will get to that resource with all that parameters
Read request that need to send lot of data to the server will have to use POST. (Like tracing)
9:10 e-tag reference
Stay Awesome!
Hussein
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from Hussein Nasser · Hussein Nasser · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Extending ArcObjects (IGeometry) - 01 - Getting Started
Hussein Nasser
Extending ArcObjects (IGeometry) - 02 - The Document, The Map and The Layers
Hussein Nasser
Channel Update - New Book, New Job, New Videos
Hussein Nasser
Learn Programming with VB.NET - 01 - Getting Started
Hussein Nasser
Learn Programming with VB.NET - 02 - Classes and Objects (Part 1)
Hussein Nasser
Learn Programming with VB.NET - 03 - Classes and Objects (Part 2)
Hussein Nasser
Learn Programming with VB.NET - 04 - User Interface
Hussein Nasser
Learn Programming with VB.NET - 05 - By Value v. By Reference
Hussein Nasser
Learn Programming with VB.NET - 06 - Variable size, 32 bit vs 64 bit
Hussein Nasser
Learn Programming with VB.NET - 07 - Conditional Statements
Hussein Nasser
Learn Programming with VB.NET - 08 - Inheritance
Hussein Nasser
Learn Programming with VB.NET - 09 - Strategy Design Pattern
Hussein Nasser
Learn Programming with VB.NET - 10 - How did I learn programming
Hussein Nasser
IGeometry 2016 Retrospective - Channel Update
Hussein Nasser
Javascript by Example - The Vook
Hussein Nasser
Vlog - Keep your servers close and your database closer
Hussein Nasser
Vlog - Client/Server Programming Languages
Hussein Nasser
Javascript By Example L1E01 - Getting Started
Hussein Nasser
Persistent Connections (Pros and Cons)
Hussein Nasser
Javascript By Example L1E02 - Building the Calculator Interface
Hussein Nasser
Happy new Year from IGeometry!
Hussein Nasser
Synchronous v. Asynchronous
Hussein Nasser
Javascript By Example L1E03 - Displaying the Digits on Calculator Screen
Hussein Nasser
Show Your Work. Blog, Vlog, Write, Create and Develop!
Hussein Nasser
Relational Database Atomicity Explained By Example
Hussein Nasser
Javascript By Example L1E04 - Operators, All Clear with Arrow Functions
Hussein Nasser
What Comes First, User Experience or Software Architecture?
Hussein Nasser
Javascript By Example L1E05 - Evaluate the Calculator Expressions with eval
Hussein Nasser
Fastest Way to Learn Programming Language or Technology
Hussein Nasser
Javascript By Example L1E06 - Fix Leading Zero Bug with Conditions
Hussein Nasser
Stateful vs Stateless Applications (Explained by Example)
Hussein Nasser
Javascript By Example L1E07 - Running our Calculator on the Mobile Phone
Hussein Nasser
Advice for New Software Engineers and Developers
Hussein Nasser
Why JSON is so Popular?
Hussein Nasser
Building Scalable Software - SLA, HS, VS
Hussein Nasser
Vlog (Istanbul) - Datacenter Proximity
Hussein Nasser
Should Software Engineers Learn Bleeding-Edge Technologies?
Hussein Nasser
Do Developers Build Bad User Interfaces/Experience?
Hussein Nasser
Learn By Doing.
Hussein Nasser
I Wrote Bad Front-End Code That Broke Chrome
Hussein Nasser
My Story
Hussein Nasser
Vlog - Horizontal vs Vertical Scaling
Hussein Nasser
Can User Experience Help Build Better Rest API?
Hussein Nasser
Reverse engineering Instagram in flight mode
Hussein Nasser
The Benefits of the 3-Tier Architecture (e.g. REST API)
Hussein Nasser
Stateless v. Stateful Architecture (Podcast)
Hussein Nasser
The evolution from virtual machines to containers
Hussein Nasser
Proxy vs. Reverse Proxy (Explained by Example)
Hussein Nasser
Canary Deployment (Explained by Example)
Hussein Nasser
No Excuses
Hussein Nasser
Synchronous vs Asynchronous Applications (Explained by Example)
Hussein Nasser
What is an Asynchronous service?
Hussein Nasser
Difference between Client Polling vs Server Push in Notifications
Hussein Nasser
Software vs. Hardware AdBlockers (Explained by Example)
Hussein Nasser
HTTP Caching with E-Tags - (Explained by Example)
Hussein Nasser
Simple Object Access Protocol Pros and Cons (Explained by Example)
Hussein Nasser
Nodejs Express "Hello, World"
Hussein Nasser
Reverse Engineering Instagram feed
Hussein Nasser
Popup Modal Dialog with Javascript and HTML
Hussein Nasser
MIME and Media Type sniffing explained and the type of attacks it leads to
Hussein Nasser
More on: API Design
View skill →Related Reads
📰
📰
📰
📰
Claude vs ChatGPT for Copywriting: I Tested Both with 10 Real Prompts
Medium · ChatGPT
Mastering the Art of Writing: Effective Techniques for Freelance Writers
Dev.to AI
Your site gets six words to convince me. It just used five of them to say nothing.
Medium · SEO
5 Copywriting Tricks Hidden Inside Warren Buffett’s Shareholder Letters
Medium · Programming
🎓
Tutor Explanation
DeepCamp AI