When we use the internet, we want to either retrieve information or send it somewhere else. We, for example, want to learn about how to be better website owners, or we want to buy a new book online. The two most basic HTTP requests are no different than these two objectives. We can examine how they work, as well as explore some other kinds of requests.
If you were to make a Google search for anything, you would click search and then Google would perform the search. However, have you ever looked at the URL that is produced after you search for something? It is usually long and can be hard to understand. If you look closer at that URL, you could probably find the exact text that you typed into the search in the first place. A GET does just what you might expect, it gets data from a web server. It is for reading data.
It is important to note that the data that is sent in a GET should not be sensitive. This information will be public in the URL bar as it is retrieved to your computer. When developers build web applications for instance, and had to handle password data, they would NOT want to use a GET request. That is better suited for the next request type POST.’
As you may imagine, if GET requests are used for reading information and retrieving it, then POST requests are for writing information to a server. If you have ever seen a website tell you not to use the back button because it may, for example, charge you twice, then you have seen a POST request in action. POST requests are not the fix all for a vulnerable application though. The data that is sent to the web still has to be sent, it just won’t be sent inside of the URL in a POST request. It is still important to take the appropriate data protection measures like using an SSL connection.
Other Request Types
In total, there are seven types of web requests. They are, in no particular order: GET, POST, PUT, DELETE, CONNECT, OPTIONS, and HEAD. I do not see CONNECT or HEAD requests very often. CONNECT requests are for making a connection, OPTIONS requests are for finding out the HTTP methods that the server supports, and HEAD requests are the same as GET requests, but only return headers and no body. HEAD requests can be used to check what a GET request will do before doing it, a preview if you will.
If you were able to stick it through that, then you’ve come out better equipped to understand just how the internet works. I hope you enjoyed this Kiiff blog post.