HTTP Request Types

All requests are sent using an "HTTP method". The method designates the type of request being made to the web server. The most common types of request methods are GET and POST but there are many others, including HEAD, PUT, DELETE, CONNECT, and OPTIONS. GET and POST are widely supported while support for other methods is sometimes limited but expanding.

GET requests

  • Sent when URL is submitted in the browser location bar or a user clicks a link
  • Send data in the URL and query string
  • Reloadable
  • Can bookmark
  • Used for read-only operations
    • View, search, sort, or filter data
    • Data does not change

POST requests

  • Sent when web form is submitted
  • Send data in the URL and as an attachment
  • Semi-reloadable (prompt to send data again)
  • Can not bookmark
  • Used for write operations
    • Create, update, or delete data
    • Data does change

Requests should match their purpose. Reject or ignore unexpected request methods. If code is not expecting to receive form data then it should allow GET requests but should reject POST requests. If code is expecting to receive form data then it should allow POST data but should reject GET requests.

Fork me on GitHub