This is the default response of the default implementation of HttpServlet#doXxx() method (doGet(), doPost(), doHead(), doPut(), etc). This means that when the doXxx() method is not properly being @Overriden in your servlet class, or when it is explicitly being called via super, then you will face a HTTP 405 “Method not allowed” error. So, you … Read more
I use a List of NameValuePair and URLEncodedUtils to create the url string I want. protected String addLocationToUrl(String url){ if(!url.endsWith(“?”)) url += “?”; List<NameValuePair> params = new LinkedList<NameValuePair>(); if (lat != 0.0 && lon != 0.0){ params.add(new BasicNameValuePair(“lat”, String.valueOf(lat))); params.add(new BasicNameValuePair(“lon”, String.valueOf(lon))); } if (address != null && address.getPostalCode() != null) params.add(new BasicNameValuePair(“postalCode”, address.getPostalCode())); if … Read more
Not in the RFC, no, but there are practical limits. The HTTP protocol does not place any a priori limit on the length of a URI. Servers MUST be able to handle the URI of any resource they serve, and SHOULD be able to handle URIs of unbounded length if they provide GET-based forms that … Read more
Angular’s $http has a cache built in. According to the docs: cache – {boolean|Object} – A boolean value or object created with $cacheFactory to enable or disable caching of the HTTP response. See $http Caching for more information. Boolean value So you can set cache to true in its options: $http.get(url, { cache: true}).success(…); or, … Read more
Yes. The querystring is also encrypted with SSL. Nevertheless, as this article shows, it isn’t a good idea to put sensitive information in the URL. For example: URLs are stored in web server logs – typically the whole URL of each request is stored in a server log. This means that any sensitive data in … Read more
Isn’t that what hidden parameters are for to start with…? <form action=”http://www.example.com” method=”GET”> <input type=”hidden” name=”a” value=”1″ /> <input type=”hidden” name=”b” value=”2″ /> <input type=”hidden” name=”c” value=”3″ /> <input type=”submit” /> </form> I wouldn’t count on any browser retaining any existing query string in the action URL. As the specifications (RFC1866, page 46; HTML 4.x … Read more
According to MDN, Preflighted requests Unlike simple requests (discussed above), “preflighted” requests first send an HTTP OPTIONS request header to the resource on the other domain, in order to determine whether the actual request is safe to send. Cross-site requests are preflighted like this since they may have implications to user data. In particular, a … Read more
Use POST for destructive actions such as creation (I’m aware of the irony), editing, and deletion, because you can’t hit a POST action in the address bar of your browser. Use GET when it’s safe to allow a person to call an action. So a URL like: http://myblog.org/admin/posts/delete/357 Should bring you to a confirmation page, … Read more
Browsers (and Dashcode) provide an XMLHttpRequest object which can be used to make HTTP requests from JavaScript: function httpGet(theUrl) { var xmlHttp = new XMLHttpRequest(); xmlHttp.open( “GET”, theUrl, false ); // false for synchronous request xmlHttp.send( null ); return xmlHttp.responseText; } However, synchronous requests are discouraged and will generate a warning along the lines of: … Read more
Roy Fielding’s comment about including a body with a GET request. Yes. In other words, any HTTP request message is allowed to contain a message body, and thus must parse messages with that in mind. Server semantics for GET, however, are restricted such that a body, if any, has no semantic meaning to the request. … Read more