【My Study Note】Form Submission
Form Submission
By using “Form”, we can send data to the web server as part of an HTTP request.
There are 2 ways of sending
- HTTP GET method
- HTTP POST method
HTTP GET method
<form method="get">
<input type="text">
<input type="submit">
</form>When the Login button is clicked, the form data is sent as part of the request URL. This means that the user data is appended to the end of the URL in the web browser navigation bar. The web server receives the HTTP GET request, and extracts the form data from the URL.
While this is an easy way to submit data, it has three key problems.
Problem 1
The length of a URL is limited to around 2,000 characters depending on the web browser you’re using. Some web browsers allow more, but there are inconsistencies between browsers.
So if you have a large form, some data may be lost when it sent via the GET Method to the web server.
Problem 2
The length of a requested URL is also limited on some web servers. Popular web server software such as Apache web server or Engine X, have a default limit of around 4,096 characters.
Again, if you have a large form, some data may be lost.
Problem 3
The third problem is security. Since the data is included as part of the URL, it means that your data is stored in your web browser history and possibly in the request logs on the web server.
If you’re transmitting personal information such as addresses or credit card numbers, this is a major privacy and security risk.
HTTP POST method
<form method="post">
<input type="text">
<input type="submit">
</form>When the form is submitted using the post method, the form data is inserted into the content of the HTTP request. When the submit button is pressed, it will send an HTTP post request with the data contained in the body of the request.
The HTTP post method is more secure than the HTTP GET method. However, the data could still be read by a third party listening to the HTTP request. To secure this completely, HTTPS is used to encrypt the data so that only the sender and receiver can understand the data.