Handling HTTP get Requests Containing Data
When requesting a document or resource from a Web server, it is possible to supply data as part of the request. The servlet WelcomeServlet2 in Fig. 26.12 responds to an HTTP get request that contains a name supplied by the user. The servlet uses the name as part of the response to the client.
Figure 26.12. WelcomeServlet2 responds to a get request containing data.
(This item is displayed on page 1256 in the print version)
""Processing get requests with data
Parameters are passed as name-value pairs in a get request. Line 17 demonstrates how to obtain information that was passed to the servlet as part of the client request. The request object's getParameter method accepts the parameter name as an argument and returns the corresponding String value, or null if the parameter is not part of the request. Note that parameter names are case sensitive and must match exactly. Line 41 uses the result of line 17 as part of the response to the client.
The WelcomeServlet2.html document (Fig. 26.13) provides a form in which the user can input a name in the text input element firstname (line 16) and click the Submit button to invoke WelcomeServlet2. When the user presses the Submit button, the values of the input elements are placed in name-value pairs as part of the request to the server. In the second screen capture in Fig. 26.13, note that the browser appended
?firstname=Jon
to the end of the action URL. The ? separates the query string (i.e., the data passed as part of the get request) from the rest of the URL in a get request. The name-value pairs are passed with the name and the value separated by =. If there is more than one namevalue pair, each pair is separated by &.
Figure 26.13. HTML document in which the form's action invokes WelcomeServlet2 through the alias welcome2 specified in web.xml.
(This item is displayed on page 1257 in the print version)
"http://www.w3.org/1999/xhtml"> 8 9
1 6 7 |
Processing get requests with data 10 11 12 | 13 "/jhtp6/welcome2" method = "get" > 14
15 Type your first name and press the Submit button 16 "text" name = "firstname" /> 17 "submit" value = "Submit" /> 18 19 20 21 |
Once again, we use our jhtp6 context root to demonstrate the servlet of Fig. 26.12. Place WelcomeServlet2.html in the servlets directory created in Section 26.4.1. Place WelcomeServlet2.class in the classes subdirectory of WEB-INF in the jhtp6 context root. Remember that classes in a package must be placed in the appropriate package directory structure. Then edit the web.xml deployment descriptor in the WEB-INF directory to include the information specified in Fig. 26.14. This table contains the information for the servlet and servlet-mapping elements that you will add to the web.xml deployment descriptor. You should not type the italic text into the deployment descriptor. Restart Tomcat and type the following URL in your Web browser:
http://localhost:8080/jhtp6/servlets/WelcomeServlet2.html
Descriptor element |
Value |
---|---|
servlet element |
|
servlet-name |
welcome2 |
description |
Handling HTTP get requests with data. |
servlet-class |
WelcomeServlet2 |
servlet-mapping element |
|
servlet-name |
welcome2 |
url-pattern |
/welcome2 |
Type your name in the text field of the Web page, then click Submit to invoke the servlet. Once again, note that the get request could have been typed directly into the browser's Address or Location field as follows:
http://localhost:8080/jhtp6/welcome2?firstname=Jon
Error-Prevention Tip 26.4
If an error occurs during the servlet invocation, the log files in the logs directory of the Tomcat installation can help you determine the error and debug the problem. |
Software Engineering Observation 26.4
A get request is limited to standard characters, which means that you cannot submit any special characters via a get request. The length of the URL in a get request is limited. For example, the maximum URL length in Internet Explorer is 2,083 characters. Some Web servers might restrict this even more. |
Good Programming Practice 26.1
A get request should not be used for sending sensitive data (e.g., a password) because the form data is placed in a query string that is appended to the request URL as plain text and can be intercepted. |