HTML forms may post or get their submission.
The method attribute, either post or get, prescribes to the browser how the form data is to be sent back to the server.
For reference here’s a typical form declaration, on an HTML page
<form action=”contact.php” method=”get”>
As shown there is the form tag together with the action and the destination handler. And our point of interest the method. As shown here its set to get.
So what’s the difference between the two methods of form submission?
Does it matter which I choose?
The completed form field entries are sent within the body of the http request.
This allows the collected form entry data to be whatever size. Ideal if there’s a lot of data collection involving free form content areas.
However, because there is no change to the URL from the field entries, there isn’t the page variations to bookmark.
Refreshing the browser page after a submission will cause an alert asking whether the user wishes the data to be re-submitted. Server form handling protection against duplicate form submission should be considered.
Allows the submission of binary data, for example the uploading of images.
With this approach the completed field entries are retained on the page, making it secure.
If you are changing content, for example your user profile, password or address, then the post method is the one to use.
This is the default form method. Without specifying the form method in the form tag it will be assumed to be of method type get.
With the get method the form data is more visible.
The fields and their values are passed in the URL as name+value querystring parameters. For example
With the form data in the URL the page can be bookmarked. Similarly as the parameters have been sent within the URL they are also a part of the browser history.
Beware there’s a restriction on the length of the address URL. The available length is only 3000 characters, including your domain name and the page structure to the page on which is your form. Too long and the parameters may be lost as the URL is truncated.
Consider whether shortening the form labels will suffice, or structuring your answers too will keep within the restriction. Have you simply too many fields on your form? Then it ought to be the post method.
Because the get approach puts the form values in the address it is deemed to be insecure. Definitely not the method to be used for username and password submission.
Refreshing the browser the request will be executed once again, but the entries won’t be re-submitted to the server where the browser has cached them.
If the form is used to view data, perhaps an online catelogue of products, then the get method is appropriate. The pages can be bookmarked and saved for later. Search engine indexing will be for the individual products and categories.