What is the difference between get and post method in HTTP?

GET Method:

  1. All the name value pairs are submitted as a query string in URL.
  2. It's not secured as it is visible in plain text format in the Location bar of the web browser.
  3. As the data transfers through address bar (URL) there are some restrictions in using space, some characters like ampersand (&) etc in the GET method of posting data. We have to take special care for encoding data if such special characters are present.
  4. Length of the string is restricted.
  5. If method is not mentioned in the Form tag, this is the default method used.
  6. If get method is used and if the page is refreshed it would not prompt before the request is submitted again.
  7. One can store the name value pairs as bookmark and directly be used while sharing with others - example search results.
  8. Data is always submitted in the form of text
  9. If the response of the page is always same for the posted query then use GET example database searches
POST Method:
  1. All the name value pairs are submitted in the Message Body of the request.
  2. Length of the string (amount of data submitted) is not restricted.
  3. Post Method is secured because Name-Value pairs cannot be seen in location bar of the web browser.
  4. If post method is used and if the page is refreshed it would prompt before the request is resubmitted.
  5. If the service associated with the processing of a form has side effects (for example, modification of a database or subscription to a service), the method should be POST.
  6. Data is submitted in the form as specified in enctype attribute of form tag and thus files can be used in FileUpload input box.
POST is better because GET puts the code in the browser so people can view the information (eg.hackers) however with POST you can't favorite the page but you can with GET

GET and POST methods are both ways of transporting variables (and their values) from one page to another. However, they transport the variable names and values in different ways. GET uses the URL to transfer variables. Web pages can pick up the URL address and detach the variables usable to the scripting language used in the page. A user can change the variable names and values of a URL with GET-type variables. This introduces security risks, as it is an open way to attack a website. All variables that could possibly be input by a user should always be checked. GET values must be under 255 characters, otherwise some older browsers will not transfer values properly. Today's browsers propagate values just fine with larger character limits, such as 4,000 - but caution should be taken. POST transfers variables from one page to the next - broadly speaking - silently. No users can edit these variables without simulating a POST transfer to the page - which is a more difficult route for site attackers to make. These variables should still always be checked. POST values can be of infinite length.