Re: Query Parameters in POST method from Diwakar Shetty on 2002-11-21 (www-talk@w3.org from November to December 2002)

From: Diwakar Shetty <Diwakar.Shetty@oracle.com>
Date: Thu, 21 Nov 2002 11:53:42 +0530
To: "S. Mike Dierken" <mdierken@hotmail.com>
CC: www-talk@w3.org
Message-ID: <3DDC7BEE.273707C1@oracle.com>

Parameters in the URLs in case of GET can be constructed to be data.
e.g: GET http://www.google.com/search?q=diwakar
Here "search" is program residing on machine "www.google.com" which takes "q=diwakar" as data to the program


Also URL in POST refers to a program
while URL in PUT refers to a resource
While URL in GET can refer to both program and resource

Thanks
diwakar



"S. Mike Dierken" wrote:

> The URI identifies the resource you are sending data to - and that URI might
> use query terms to identify itself.
> The body of the request is the actual data being posted. The query terms
> merely identify what resource (think 'object' sort of) you are talking to.
> You could POST binary data, not just name/value pairs like an HTML form
> does - and still use query terms to identify the target resource.
> The target resource in this case is like a container for the POSTed data.
> Perhaps a discussion and the content of the request message is a new
> comment.
>
> It's interesting that the wording of the RFC uses 'submission of data' and
> 'GET' in the same sentence. There is no data being submitted when you use
> GET - it has no body. The URI might have query terms and that indeed should
> not hold sensitive information - but it is confusing to talk about
> 'submission of data' as if GET does an update or something.
>
> mike
>
> ----- Original Message -----
> From: "Diwakar Shetty" <Diwakar.Shetty@oracle.com>
> To: <www-talk@w3.org>
> Sent: Wednesday, November 20, 2002 9:26 PM
> Subject: Re: Query Parameters in POST method
>
> >
> > Thanks Ian
> >
> > I went through RFC 2616
> >
> > Indeed, there is no mention about restrictions on URI/URL so far as POST
> method is concerned.
> >
> > The only thing suggested in the RFC is that
> > -----------------------------------------------------------------------
> > 15.1.3 Encoding Sensitive Information in URI's
> >    Authors of services which use the HTTP protocol SHOULD NOT use GET
> >    based forms for the submission of sensitive data, because this will
> >    cause this data to be encoded in the Request-URI
> > -----------------------------------------------------------------------
> >

Received on Thursday, 21 November 2002 01:23:43 UTC