HTML Form Method — GET vs POST explained (live demo)
The method attribute decides how a form sends its data. GET appends it to the action URL as a query string (for searches and filters); POST puts it in the request body (for contact, registration, and anything sensitive or large). Use POST for real submissions.
Updated June 2026 · The <form method> element · 12 elements in the reference
<form action="https://splitforms.com/api/submit" method="POST">
<input type="hidden" name="access_key" value="YOUR_ACCESS_KEY">
<label for="name">Name</label>
<input type="text" id="name" name="name" required>
<label for="email">Email</label>
<input type="email" id="email" name="email" required>
<input type="checkbox" name="botcheck" style="display:none">
<button type="submit">Send</button>
</form>Replace YOUR_ACCESS_KEY with a key from your free splitforms dashboard. The form posts to one endpoint — submissions land in your inbox and dashboard with spam filtering built in.
GET leaks data into URLs
GET puts every field in the URL, so emails and messages land in browser history, analytics, and referer headers. Never use GET for anything sensitive.
GET has length limits
URLs are capped (roughly 2,000–8,000 bytes depending on the server). Long messages or file uploads can be silently truncated — POST has no such limit.
POST still needs CSRF care
POST keeps data out of the URL but doesn't make it safe on its own. A hosted form backend handles validation and spam; for your own server, add CSRF protection.