Section 5.21. Another test drive


5.21. Another test drive

Add the line of JavaScript that sets the "Content-Type" request header in pizza.js, and save your JavaScript. Then load pizza.html in your web browser, and try to enter an order again.

The pizza order form is working again...

...but this time, the order is being sent to the server using a POST request. No big orders are gonna get lost with POST!

Congratulations... You've saved Alex's butt once again. Pizza's on us!

But you still haven't told me what the actual maximum length of the request URL in a GET request is. Hello?

It's browser-dependent

Each browser treats URLs differently. So the maximum request URL length is different on each browser. Opera, Internet Explorer, Safari... it just depends on which browser customers are using.

But it's really small, I guess. Like, just 50 or 75 characters long?

Well, it's not that small...

Remember, each browser is different. But, for example it's about 2,000 characters on Internet Explorer... that's a good rule of thumb to use for other browsers, too.

Did you say two-THOUSAND? Are you kidding me? What are we expecting here, Schwarzenegger is gonna order pizza for the entire state of California? Come on... this is just ridiculous!

Hmmm.... well... umm....

OK, you got us. There are probably not going to be a lot of times when the customer's address, phone number, and pizza order are longer than 2,000 characters... even when it's Super Bowl party time.

But there are still good reasons to use POST requests...

Espresso Talk

Tonight's overly caffeinated guests:

POST request and GET request

POST: Hey there, GET, I'm surprised you're still around. I'm getting so many requests these days that I just figured you had headed to Fiji or something.

GET: Still around? Oh, I'm plenty busy. Besides, I'd much rather be in demand because of what I do, not what people think I do.

POST: What's that supposed to mean?

GET: Have you actually asked anyone why they're using you instead of me?

POST: Oh, you really are losing it. There are tons of reasons to use me instead of you.

GET: Oh really? Name five. I dare ya'.

POST: This is going to be fun. Gee, where to begin. OK, how about I'm more secure. Nobody uses you for sending important information, like a credit card number or checking account number.

GET: (Sigh) Just because people believe something doesn't make it true. You're not really any more secure than I am. Any junior programmer can break open POST data just as easily as they can read a request URL. And unencoding POST data? Takes about 30 seconds... if you're doing it one-handed.

POST: OK, sure, whatever. Well, here's another reason to use me: you don't have to worry about how long your request data is. You've got that lousy length limitation.

GET: Yup, and if you can tell me 2,000 characters of text that you're used to getting in name/value pairs, I'll tell you why that really matters to anyone. Hardly anyone sending plain old text is really going to need more than that for their data.

POST: Hmmm. Well, who wants to see all their data in the address line of their browser? Huh? How about that, Mr. I-need-no-content-type?

GET: Oh, so now it's a beauty contest? Besides, I thought this was a book on Ajax. Nobody sees the URL in an asynchronous request, even if it is a GET request. I'm still waiting for that great reason to use POST requests. ..

POST: Well, everyone knows it's just... better... to use POST for sending form data to a server.

GET: Tradition. That's all you've got, huh? So let's mount up on horses, pull out the pantaloons, and start worrying about falling off the edge of the earth... you've got to be kidding. If everyone in the world jumped off a bridge, I suppose you'd be getting your bathing suit on, wouldn't you?

POST: Urggh... well... wait, wait, WAIT! I've got it!

GET: Oh, I'll bet this will be priceless. What now? Did Howard Stern say POST is better? I'm sure we can all rely on important trend indicators like that to make important development decisions...

POST: XML.

GET: Huh?

POST: XML, big mouth. I don't suppose you have much to say about that, do you?

GET: Ahhh... well...

POST: Yeah, that's what I thought! You've got to escape each and every one of those angle brackets, don't you? And what about your length limitation? That's a big problem with XML.

GET: Hmm. Well, it can't be that important... I mean, we're on like page 240 or something, and we haven't even talked about XML yet...

POST: Oh, you really are out of the loop. I guess you missed the memo buddy... wait until Chapter 6. It's XML central, baby, and I bet you're nowhere to be found. C'ya! I hear the next chapter callling... I'm sure they need someone who can handle XML requests!


I gotta tell you, you've saved my butt again. Customers are happy, I'm getting massive tips, and my boss is just going on and on about Ajax.

Reviewing your Ajax library

You've got a lot of tools in your Ajax and asynchronous programming library by now. Before you dive into Chapter 6, take a moment to relax, and write down what you've learned so far. In the blanks below, list some of the key Ajax concepts you've picked up in the first five chapters.

______________________________________________________________________

______________________________________________________________________

______________________________________________________________________

______________________________________________________________________

______________________________________________________________________


Take a look at the new POST version of Break Neck Pizza

60 Second Review

  • In a GET request, all the data you send to the server is added to the request URL .

  • Each browser has a maximum length for URLs, including any data included as part of that URL. For most browsers, that maximum length is around 2,000 characters.

  • There isn't a length restriction on the data you send to the server if you're using a POST request.

  • In POST requests, the data is sent to the server separate from the request URL. The request URL only has the name of the program on the server that should be run.

  • You can send different types of data in a POST request: plain text, XML, binary objects like images and files, and anything else that your web browser can encode.

  • The server doesn't know what type of POST data to expect unless you tell it.

  • Use the setRequestHeader() method on the JavaScript request object to pass additional information on to a server.

  • Using the Content-Type request header, you can tell the server what kind of data you're sending in a POST request.

  • The content type "x-www-form-urlencoded" tells the server that you're using name/value pairs, in plain text, just as if that data had been submitted by a web form.

  • POST requests are only marginally more secure than GET requests, and both require additional layers of security-like SSL, the secure sockets layerto protect your data from prying eyes and malicious programmers.




Head Rush Ajax
Head Rush Ajax (Head First)
ISBN: 0596102259
EAN: 2147483647
Year: 2004
Pages: 241

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net