POST (HTTP)

HTTP
Persistence · Compression · HTTPS
Request methods
OPTIONS · GET · HEAD · POST · PUT · DELETE · TRACE · CONNECT
Header fields
Cookie · ETag · Location · Referer
DNT · X-Forwarded-For
Status codes
301 Moved permanently
302 Found
303 See Other
403 Forbidden
404 Not Found

In computing, POST is one of many request methods supported by the HTTP protocol used by the World Wide Web. The POST request method is used when the client needs to send data to the server as part of the request, such as when uploading a file or submitting a completed form.

In contrast to the GET request method where only a URL and headers are sent to the server, POST requests also include a message body. This allows for arbitrary length data of any type to be sent to the server.

Headers in the POST request may indicate the message body's Internet media type to the server.

Contents

Use for submitting web forms

When a web browser sends a POST request from a web form element, the default Internet media type is "application/x-www-form-urlencoded".[1] This is a format for encoding key-value pairs with possibly duplicate keys. Each key-value pair is separated by an '&' character, and each key is separated from its value by an '=' character. Keys and values are both escaped by replacing spaces with the '+' character and then using URL encoding on all other non-alphanumeric[2] characters.

For example, the key-value pairs

Name: Jonathan Doe
Age: 23
Formula: a + b == 13%!

are encoded as

Name=Jonathan+Doe&Age=23&Formula=a+%2B+b+%3D%3D+13%25%21

Starting with HTML 4.0, forms can also submit data in multipart/form-data as defined in RFC 2388 (See also RFC 1867 for an earlier experimental version defined as an extension to HTML 2.0 and mentioned in HTML 3.2).

Affecting server state

Per RFC 2616, the POST method should be used for any context in which a request is non-idempotent: that is, it causes a change in server state each time it is performed, such as submitting a comment to a blog post or voting in an online poll. In practice, GET is often reserved, not simply for idempotent actions, but for nullipotent ones, ones with no side-effects (not simply "no side effects on second or future requests").[3][4] For this reason, web crawlers such as search engine indexers normally use the GET method exclusively, to prevent their automated requests from performing such actions.

However, there are reasons to use POST for idempotent requests, notably if the request uses non-ASCII characters or is very long, due to restrictions on URLs – the query string in the GET method may become very long, especially due to percent-encoding.[3]

See also

References

  1. ^ Berners-Lee, Tim; Connolly, Dan (22 September 1995). "Hypertext Markup Language - 2.0 - Forms". World Wide Web Consortium. http://www.w3.org/MarkUp/html-spec/html-spec_8.html#SEC8.2.1. Retrieved 15 January 2011. 
  2. ^ "Forms in HTML documents". http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.1. 
  3. ^ a b Korpela, Jukka (28 September 2003). "Methods GET and POST in HTML forms - what's the difference?". Tampere University of Technology. http://www.cs.tut.fi/~jkorpela/forms/methods.html. Retrieved 15 January 2011. 
  4. ^ RFC 2616, 9.1.1 Safe Methods

External links