My technical meanderings and other nonsense. Published since 2002. No, really. I'm *that* internet-old. I remember the days of One problem I have with using “GET” AJAX requests is that the data sent over is transmitted as it would be in a URL string, meaning you have to watch out for invalid characters, such as #, &, etc.
On typical web forms, where the user is allowed to enter whatever they want, there is no way to be sure they won’t enter invalid characters.
However, when using “POST” AJAX requests, there are no such worries.
I’m beginning to think it’s better to just submit everything as “POST,” except for the simplest of data (like a single number or letter).
Not to mention – I almost forgot, a “GET” AJAX request is limited to a certain number of characters, and server restrictions, whereas a “POST” request has no such limits.
Are there any advantages to using “GET?”
None. Because you should be validating any input from the user. The only instance in which I can see it being better is if you want to allow the user to link to the site.
Other than that there is no security added while using POST instead of GET.
Well I was thinking from more of a “convenience” perspective – not security. If I can submit everything via “POST” and not have to check for invalid characters in the URL (and have to replace or mask those characters somehow), then I think that would be easier, no?