Comparison chart

GET (HTTP) versus POST (HTTP) comparison chart

GET (HTTP)
POST (HTTP)
Parameters remain in browser history because
Parameters are not saved in browser
History
they are part of the URL
history.
Bookmarked Can be bookmarked.
Can not be bookmarked.
GET requests are re-executed but may not be reBACK button/reThe browser usually alerts the user
submitted to server if the HTML is stored in the
submit behaviour
that data will need to be re-submitted.
browser cache.
multipart/form-data or application/xEncoding type
application/x-www-form-urlencoded
www-form-urlencoded Use multipart
(enctype attribute)
encoding for binary data.
can send but the parameter data is limited to
what we can stuff into the request line (URL).
Can send parameters, including
Parameters
Safest to use less than 2K of parameters, some uploading files, to the server.
servers handle up to 64K
Hacked
Easier to hack for script kiddies
More difficult to hack
Restrictions on
No restrictions. Binary data is also
Yes, only ASCII characters allowed.
form data type
allowed.
POST is a little safer than GET
GET is less secure compared to POST because
because the parameters are not stored
Security
data sent is part of the URL. So it's saved in
in browser history or in web server
browser history and server logs in plaintext.
logs.
Yes, since form data is in the URL and URL
Restrictions on length is restricted. A safe URL length limit is
No restrictions
form data length often 2048 characters but varies by browser and
web server.
POST method used when sending
GET method should not be used when sending
Usability
passwords or other sensitive
passwords or other sensitive information.
information.
GET method is visible to everyone (it will be
POST method variables are not
Visibility
displayed in the browser's address bar) and has
displayed in the URL.
limits on the amount of information to send.
Cached
Can be cached
Not cached

ompare GET vs. POST

The following table compares the two HTTP methods: GET and POST.
GET

BACK button/Reload
Bookmarked
Cached
Encoding type
History

Restrictions on data length

Restrictions on data type

Security

Visibility

POST
Data will be re-submitted (the
Harmless
browser should alert the user that the
data are about to be re-submitted)
Can be bookmarked
Cannot be bookmarked
Can be cached
Not cached
application/x-www-form-urlencoded
application/x-www-form-urlencoded or multipart/form-data. Use multipart
encoding for binary data
Parameters are not saved in browser
Parameters remain in browser history
history
Yes, when sending data, the GET
method adds the data to the URL;
and the length of a URL is limited
No restrictions
(maximum URL length is 2048
characters)
No restrictions. Binary data is also
Only ASCII characters allowed
allowed
GET is less secure compared to
POST because data sent is part of the
POST is a little safer than GET
URL
because the parameters are not stored
in browser history or in web server
Never use GET when sending
logs
passwords or other sensitive
information!
Data is visible to everyone in the
Data is not displayed in the URL
URL