Since I'm a little under the weather today, I figured I'd post
another one of the Hanselman questions for my granny, who is no doubt
concerned for my welfare and thinks I should be back in bed!
Let’s say that my grandmother wants to look for some DVDs at a
particular local shop. Now, this shop doesn’t run like any ordinary
shop. To see if they have a certain DVD, my grandmother has to write
down a list of relevant info on a piece of lined paper. Let’s say she
is looking for any movie that starred Gabe Kaplan that was made before
1980.
She writes down the following:
Actor = GabeKaplan
DateMade = Before 1980
Ignore = Welcome Back Kotter
and gives this piece of paper to the clerk. The clerk reads this
information into a microphone and then the back room goes to work
finding all relevant titles.
There are a couple of disadvantages to this approach – the company
won’t give my grandmother any more paper to write her criteria on, and
the paper itself is limited to around 5 lines. So if my grandmother
wants to submit anything in detail, she can’t! Also, unless my
grandmother starts writing her orders down in some sort of code, anyone
else who is listening can hear what she is looking for – no privacy!
She may be okay with looking for DVDs in this manner, but she
definitely doesn’t want her orders being public knowledge. Not to
mention that all of her contact info will not fit on that piece of
paper!
My grandmother complains and because everyone listens to my
grandmother, the process for actually ordering DVDs is changed, while
the search method remains the same.
So, a week later Suresh comes in and he already knows what he is
looking for: “Male Nurses Unchained”, Parts 70 through 75. With the new
ordering process, he encloses all of his contact info as well as his
order information and credit card number on some paper put into an
envelope. When he goes up to the till, he tells them, “Order here” and
hands them the envelope. They process his request and a week later he
receives the shipment straight to his house.
What my grandmother has done, in terms of the HTTP protocol, is called
a GET. A GET puts form values (her search criteria) into the URL string
(that lined sheet of paper). GETs are recommended in situations where the
interaction is like a question (a read operation, a lookup, or any of
Gabe Kaplan’s film escapades). Now, the URL string is limited to 256
characters, sort of like that lined sheet of paper has a limited number
of lines. As well, unless the query string is encrypted, that
information is publicly viewable.
Suresh, on the other hand, has executed a POST, which embeds the form
values inside the body of the HTTP request (like the envelope Suresh
handed over when he made his request). In addition to being slightly more
secure, it’s also capable of being much denser than a GET (all of
Suresh’s contact info, etc.) since it doesn’t have to contend with URL
limitations.
The W3C recommends using POST if:
The interaction is more like an order, or
The interaction changes the state of the resource in a way that the user would perceive (e.g., a subscription to a service), or
The user be held accountable for the results of the interaction.
[in all cases, like Suresh’s transaction].
Bonus: What is HEAD?
A HEAD request is similar to a GET request except no message body is
returned (e.g. my grandmother makes a request for DVDs but gets nothing
back). This might sound useless but it’s actually a way to simply test
a URL for validity, accessibility, or recent modification.
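As an added example (not part of the original post), the Python sketch below sends the grandmother's search as a GET, Suresh's order as a POST, and a HEAD to a throwaway local server, then returns what a typical access log line records versus what travelled in the request body. The form values, paths and the `Shop` handler are constructed for illustration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlencode

# Constructed sample form values, taken from the story above.
SEARCH = {"actor": "Gabe Kaplan", "before": "1980"}
ORDER = {"title": "Male Nurses Unchained 70", "card": "0000-EXAMPLE"}

class Shop(BaseHTTPRequestHandler):
    access_log = []   # what a typical access log would record
    bodies = []       # request bodies, which access logs do not record

    def _handle(self):
        length = int(self.headers.get("Content-Length", 0))
        Shop.bodies.append(self.rfile.read(length).decode())
        payload = b"request received\n"
        self.send_response(200)
        self.send_header("Content-Length", str(len(payload)))
        self.end_headers()
        if self.command != "HEAD":      # HEAD: same headers, no message body
            self.wfile.write(payload)

    do_GET = do_POST = do_HEAD = _handle

    def log_message(self, fmt, *args):  # capture the log line instead of printing
        Shop.access_log.append(fmt % args)

def demo():
    """Send GET, POST and HEAD to a local server; return what each side saw."""
    Shop.access_log.clear(); Shop.bodies.clear()
    server = HTTPServer(("127.0.0.1", 0), Shop)   # port 0 = any free local port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    requests = [("GET", "/search?" + urlencode(SEARCH), None),
                ("POST", "/order", urlencode(ORDER)),
                ("HEAD", "/search?" + urlencode(SEARCH), None)]
    replies = {}
    for method, path, body in requests:
        conn = http.client.HTTPConnection("127.0.0.1", server.server_port)
        conn.request(method, path, body=body)
        resp = conn.getresponse()
        replies[method] = (resp.status, resp.getheader("Content-Length"), resp.read())
        conn.close()
    server.shutdown(); server.server_close()
    return replies, list(Shop.access_log), list(Shop.bodies)

if __name__ == "__main__":
    replies, log, bodies = demo()
    print(*log, sep="\n")       # only the GET/HEAD lines contain form values
    print(bodies, replies)
```

The GET and HEAD log lines carry the search criteria in the request line, while the POST line shows only `/order`; the order details appear solely in the captured body.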