Reputation: 530
What is the W3C stance on sending GET params in a POST request?
The title pretty much sums it up. Many web languages support sending/receiving URL encoded GET parameters in POST requests. Is this an acceptable practice per the HTTP standard?
Upvotes: 1
Views: 125
Answers (3)
Reputation: 97938
As far as HTTP is concerned, there is no such thing as a "GET parameter". A URL identifies a resource, and you can perform various actions on that resource, including GETting it, and POSTing data to it. Identifying a resource as https://api.example.com/item?id=42 and performing a POST request to update that item is perfectly valid from that point of view. It might well be used in a so-called "RESTful API", although more often a dynamic URL such as https://api.example.com/item/42 would probably be preferred.
The reason the query string part of a URL is sometimes thought of as "GET parameters" is because it is the part generated when you submit a form in HTML using method="get". A form can have an action URL with a query-string already attached, and a method stating that the data should be sent to that URL with a POST request. Having an existing query string and a method of "get" leads to the browser having to decide exactly how to combine the two, but a query-string + "post" presents no conflict.
Finally, the page you are submitting to will need to actually process your data. Many simple CGI libraries will merge together variables parsed from the query string and from a POST submitted form. This may be what you want, or you may want to treat them as two separate "namespaces". PHP, for instance, allows both approaches, providing $_GET (query-string variables, regardless of HTTP method) and $_POST (POSTed form data) as well as $_REQUEST, which combines the two in a configurable way.
Upvotes: 2
Reputation: 18446
Sending parameters vis POST in url-encoded format is not only allowed, it is the default for encoding POST data. To quote the spect for HTML forms:
enctype = content-type [CI] This attribute specifies the content type used to submit the form to the server (when the value of method is "post"). The default value for this attribute is "application/x-www-form-urlencoded". The value "multipart/form-data" should be used in combination with the INPUT element, type="file".
Upvotes: 0
Reputation: 255025
According to the specification - it is allowed:
Request-Line = Method SP Request-URI SP HTTP-Version CRLF
Request-URI = "*" | absoluteURI | abs_path | authority
absoluteURI = scheme ":" ( hier_part | opaque_part )
hier_part = ( net_path | abs_path ) [ "?" query ]
References:
Upvotes: 1
Related Questions
- Is sending POST data with a GET request valid?
- GET vs POST in AJAX?
- GET vs. POST ajax requests: When and how to use either?
- Sending GET from PHP parameter to AJAX
- AJAX POST request with GET Parameters in URL
- PHP jQuery .post .get, is this the right way?
- Accessing params sent by an Ajax POST request
- Sending POST (or GET) data to a PHP script using AJAX
- post vs get for URL params?
- AJAX security: POST or GET?