so i am using volley to connect to a backend and for some reason they need the form request data to be in a certain order the server wont accept it. unfortunately no matter how i put my data into the hashmap when overriding getParams they always come out in the same, incorrect order causing me to be unable to make a request. is there a way for me to order it, or just create my own string and send that? thanks
Related
This question already has answers here:
What is the difference between POST and GET? [duplicate]
(7 answers)
Closed 4 years ago.
I am using android studio and got me wondering what's the difference of using post and get method request. I know when we use GET METHOD as a request in front end, we would see the request parameters in the url. But in android there aren't any url, so what difference does it make when using post method and get method in android ?
Well, The main difference is GET passes request parameter in URL string while POST passes request parameter in request message body which makes it more secure way of transferring data from client to server in http protocol
But if you look more into it, there are any other difference:
First
GET is used for data retrieval only. you can refine what you get from GET METHOD but it is as read only.
While POST is used for send data, But it only like a way to break the simple workings of HTML because you are neither guaranteed of anything that is happening, while it can fetch, send, or delete a data.
Second
GET request can only pass limited amount of data while POST method can pass large amount of data to server
Third
GET is mostly used for view purpose (e.g. SQL SELECT) while POST is mainly use for update purpose (e.g. SQL INSERT or UPDATE).
Fourth
the result of POST may not result in an actual page.
and Lastly
If you have a HIDDEN inputs in form then submitting a GET request reveals that HIDDEN inputs. (PHP GET and POST)
I want to make an android app which will login to my web application using rest API. In browsers we have a concept of cookie which servers use to identify/maintain session with the users.
In Android how would we accomplish it ? I heard that there is a concept of token which is sent by server in response(first time when credentials are validated) and Android app have to send it to server every time it tries to access a resource(protected). So, what is the better way of doing it ?
Do we need to validate the token again and again when the client requests for a resource ?
Honestly, I can't think of a better way of doing this. Token based authentication seems to be pretty standard when dealing with RESTful APIs. Is there any reason you can't do that?
If you don't want to change the server code, then this could be simulated by adding a cookie header to every request you send. But this is basically the same thing that you mentioned above, just not as clean.
And the browser is already sending a token to be validated again and again. Every request has a cookie header that gets validated through your web application on every request, so this isn't a big deal at all.
And, you don't need anything Android specific to accomplish this. In whatever http library you're using I'm sure there is a method you can called or something you can override in order to set custom headers. Use that to set either your cookie header or token header on every request that you need to make.
I am working on an android application in which i want to use caching mechanism for httpurlrequest. I want to cache the response and want to use again for next request.
So, in android how to cache the response and how to use it next time when we do the same request.
Any working example would be great for me.
How to check whether response is from cache or from server?
How to check whether cache is available for the particular request.
PS: there is no any support of cache from server side. i.e sever doesn't send any 'Cache-Control' header field in response.
Thanks,
I am developing a native android application that will post data to a php page. The php page will then update, delete, insert records into a mysql database. Using the app should be the only time the php page is called from. I have been reading, and it seems that using tokens to validate each request is the way to go. I just really don't understand how to do this from a native android application. Authentication is something I don't have experience in. I want to ensure that using the application is the only way that the php backend can modify the database to prevent outside attacks. Can anyone point me in the right track? Any help would be greatly appreciated.
Simplest way to achieve that is to have some random string stored in the Android application. You have to make sure that this string cannot be easily extracted from the app after decompilation. This can be achieved by using proguard + not storing the entire string in one place in the app (for example you can create a set of methods that can be used to generate that random string). You need to make requests to the server using HTTPS. You can then make the app send this string in every request. Server should successfully respond to the requests that contain this string (for example sent in POST parameter) and return an error for all other requests (you need to implement a check on the server to achieve that).
My client is an Android app and my service is an asp.net web api. I’m the only one using my service. I am trying to duplicate, in the Android-REST world what I am already doing in the Microsoft Windows Phone 7/ WCF SOAP world. I have numerous methods that both receive complex objects and return complex objects.
The WCF-SOAP world is simple. You can pass any complex arguments you want and return any complex results you want. Logically, it’s just a Remote Procedure Call.
But when I post questions about doing the same thing in REST, I’m told I should limit my services into GET, PUT, POST, and DELETE only. And that I should only do what is “proper” according to RFC2616. Some speak of this in almost a religious manner.
Forgeting about the religion, what’s wrong with using a GET for everything? Or what’s wrong with using a POST for everything? What I do does not fall into the simplistic RFC2616 categories. For instance I’m passing a thousand legs of a trip taken in a car and I’m getting back another version of that trip with erratic GPS errors smoothed out. Or, I’m sending a conversation in english and getting that conversation back in German.
In the android client I have the objects I want to send over HTTP already serialized into json strings by using Google-GSON. So my questions are…
How can I send these json strings to my REST Service as arguments in either GET or POST?
Is it possible and feasible to use just all GETs (or all POSTs) for all of my calls to my REST Service and how do I do that?
I have a more pragmatic question about this posted at sending a json string in a http url as I can’t find any examples anywhere of sending json strings over http GET or POST.
Thanks, Gary
Using the good HTTP verb is very usefull to simply know what to do when you request failed (for example) or just to do some specific stuff. If you sent a POST request, it's implicitly suppose that you have to parse your resource in order to obtain a stream which be sent via the request's body. In other hand, when you are retrieving data via GET, it's suppose that the request is gonna be sent back to you as a stream that you will mapped to your model, pojo, or anything else.
I can suggest you to use library such as RESTDroid. You can send POJO and receive POJO. It's a "resource oriented" library, so you can know at any moment if a particular local resource is remotely syncronized. Data persistence between local and remote is automatically handles.
RESTDroid is alpha released. You can have a look to RoboSpice. It's a powerful library to manage REST call but it's up to you to manage the persistency between local and remote resources.
1) The WCF-SOAP world is simple. You can pass any complex arguments you want and return any complex results you want. Logically, it’s just a Remote Procedure Call.
- IN REST:"You can pass any complex arguments you want and return any complex results you want too.
2a) Forgeting about the religion, what’s wrong with using a GET for everything?
In SOAP services WCF/or classical you are wrapping all requests into http POST so using single verb would end up to SOAP or - don't even think about it - your own communication protocol:-D
2b) You can technically compose GET request with non empty body - most of the servers ignore it by default though and it would be technically problematic to read it..
the other part of the question is answered by Pcriulan above