The title pretty much sums it up. Many web languages support sending/receiving URL encoded GET parameters in POST requests. Is this an acceptable practice per the HTTP standard?
题目差不多概括了这一点。许多web语言支持在POST请求中发送/接收编码的GET参数。这是HTTP标准中可接受的实践吗?
3 个解决方案
#1
2
As far as HTTP is concerned, there is no such thing as a "GET parameter". A URL identifies a resource, and you can perform various actions on that resource, including GETting it, and POSTing data to it. Identifying a resource as https://api.example.com/item?id=42 and performing a POST request to update that item is perfectly valid from that point of view. It might well be used in a so-called "RESTful API", although more often a dynamic URL such as https://api.example.com/item/42 would probably be preferred.
就HTTP而言,不存在“GET参数”之类的东西。URL标识一个资源,您可以对该资源执行各种操作,包括获取该资源并向其发布数据。将资源标识为https://api.example.com/item?id=42并执行一个POST请求来更新该项目,从这个角度来看是完全有效的。它很可能在所谓的“RESTful API”中使用,不过更常见的情况是使用动态URL,如https://api.example.com/item/42。
The reason the query string part of a URL is sometimes thought of as "GET parameters" is because it is the part generated when you submit a form in HTML using method="get". A form can have an action URL with a query-string already attached, and a method stating that the data should be sent to that URL with a POST request. Having an existing query string and a method of "get" leads to the browser having to decide exactly how to combine the two, but a query-string + "post" presents no conflict.
URL的查询字符串部分有时被认为是“GET参数”的原因是,它是使用method=“GET”以HTML提交表单时生成的部分。表单可以有一个动作URL,其中包含已附加的查询字符串,以及一个方法,该方法声明应该使用POST请求将数据发送到该URL。拥有一个现有的查询字符串和一个“get”方法会导致浏览器必须决定如何将两者结合起来,但是查询字符串+“post”不会产生冲突。
Finally, the page you are submitting to will need to actually process your data. Many simple CGI libraries will merge together variables parsed from the query string and from a POST submitted form. This may be what you want, or you may want to treat them as two separate "namespaces". PHP, for instance, allows both approaches, providing $_GET (query-string variables, regardless of HTTP method) and $_POST (POSTed form data) as well as $_REQUEST, which combines the two in a configurable way.
最后,您提交的页面需要实际处理数据。许多简单的CGI库将从查询字符串和提交后的表单中合并解析的变量。这可能是您想要的,或者您可能希望将它们视为两个独立的“名称空间”。例如,PHP支持这两种方法,即提供$_GET(查询字符串变量,而不考虑HTTP方法)和$_POST(提交的表单数据)以及$_REQUEST,后者以一种可配置的方式组合这两种方法。
#2
1
According to the specification - it is allowed:
根据规格-允许:
Request-Line = Method SP Request-URI SP HTTP-Version CRLF
Request-URI = "*" | absoluteURI | abs_path | authority
absoluteURI = scheme ":" ( hier_part | opaque_part )
hier_part = ( net_path | abs_path ) [ "?" query ]
References:
引用:
- http://tools.ietf.org/html/rfc2616
- http://tools.ietf.org/html/rfc2616
- http://www.ietf.org/rfc/rfc2396.txt
- http://www.ietf.org/rfc/rfc2396.txt
#3
0
Sending parameters vis POST in url-encoded format is not only allowed, it is the default for encoding POST data. To quote the spect for HTML forms:
不允许以url编码格式发送参数vis POST,这是对POST数据进行编码的默认方式。引用HTML表单的spect:
enctype = content-type [CI] This attribute specifies the content type used to submit the form to the server (when the value of method is "post"). The default value for this attribute is "application/x-www-form-urlencoded". The value "multipart/form-data" should be used in combination with the INPUT element, type="file".
此属性指定用于将表单提交给服务器的内容类型(当方法的值为“post”时)。这个属性的默认值是“application/ www-form- urlencoding”。值“multipart/form-data”应该与输入元素type=“file”结合使用。
#1
2
As far as HTTP is concerned, there is no such thing as a "GET parameter". A URL identifies a resource, and you can perform various actions on that resource, including GETting it, and POSTing data to it. Identifying a resource as https://api.example.com/item?id=42 and performing a POST request to update that item is perfectly valid from that point of view. It might well be used in a so-called "RESTful API", although more often a dynamic URL such as https://api.example.com/item/42 would probably be preferred.
就HTTP而言,不存在“GET参数”之类的东西。URL标识一个资源,您可以对该资源执行各种操作,包括获取该资源并向其发布数据。将资源标识为https://api.example.com/item?id=42并执行一个POST请求来更新该项目,从这个角度来看是完全有效的。它很可能在所谓的“RESTful API”中使用,不过更常见的情况是使用动态URL,如https://api.example.com/item/42。
The reason the query string part of a URL is sometimes thought of as "GET parameters" is because it is the part generated when you submit a form in HTML using method="get". A form can have an action URL with a query-string already attached, and a method stating that the data should be sent to that URL with a POST request. Having an existing query string and a method of "get" leads to the browser having to decide exactly how to combine the two, but a query-string + "post" presents no conflict.
URL的查询字符串部分有时被认为是“GET参数”的原因是,它是使用method=“GET”以HTML提交表单时生成的部分。表单可以有一个动作URL,其中包含已附加的查询字符串,以及一个方法,该方法声明应该使用POST请求将数据发送到该URL。拥有一个现有的查询字符串和一个“get”方法会导致浏览器必须决定如何将两者结合起来,但是查询字符串+“post”不会产生冲突。
Finally, the page you are submitting to will need to actually process your data. Many simple CGI libraries will merge together variables parsed from the query string and from a POST submitted form. This may be what you want, or you may want to treat them as two separate "namespaces". PHP, for instance, allows both approaches, providing $_GET (query-string variables, regardless of HTTP method) and $_POST (POSTed form data) as well as $_REQUEST, which combines the two in a configurable way.
最后,您提交的页面需要实际处理数据。许多简单的CGI库将从查询字符串和提交后的表单中合并解析的变量。这可能是您想要的,或者您可能希望将它们视为两个独立的“名称空间”。例如,PHP支持这两种方法,即提供$_GET(查询字符串变量,而不考虑HTTP方法)和$_POST(提交的表单数据)以及$_REQUEST,后者以一种可配置的方式组合这两种方法。
#2
1
According to the specification - it is allowed:
根据规格-允许:
Request-Line = Method SP Request-URI SP HTTP-Version CRLF
Request-URI = "*" | absoluteURI | abs_path | authority
absoluteURI = scheme ":" ( hier_part | opaque_part )
hier_part = ( net_path | abs_path ) [ "?" query ]
References:
引用:
- http://tools.ietf.org/html/rfc2616
- http://tools.ietf.org/html/rfc2616
- http://www.ietf.org/rfc/rfc2396.txt
- http://www.ietf.org/rfc/rfc2396.txt
#3
0
Sending parameters vis POST in url-encoded format is not only allowed, it is the default for encoding POST data. To quote the spect for HTML forms:
不允许以url编码格式发送参数vis POST,这是对POST数据进行编码的默认方式。引用HTML表单的spect:
enctype = content-type [CI] This attribute specifies the content type used to submit the form to the server (when the value of method is "post"). The default value for this attribute is "application/x-www-form-urlencoded". The value "multipart/form-data" should be used in combination with the INPUT element, type="file".
此属性指定用于将表单提交给服务器的内容类型(当方法的值为“post”时)。这个属性的默认值是“application/ www-form- urlencoding”。值“multipart/form-data”应该与输入元素type=“file”结合使用。