HTTP POST with URL query parameters — good idea or not?

by

If your action is not idempotent, then you MUST use POST. If you don’t, you’re just asking for trouble down the line. GET, PUT and DELETE methods are required to be idempotent. Imagine what would happen in your application if the client was pre-fetching every possible GET request for your service – if this would cause side effects visible to the client, then something’s wrong.

I agree that sending a POST with a query string but without a body seems odd, but I think it can be appropriate in some situations.

Think of the query part of a URL as a command to the resource to limit the scope of the current request. Typically, query strings are used to sort or filter a GET request (like ?page=1&sort=title) but I suppose it makes sense on a POST to also limit the scope (perhaps like ?action=delete&id=5).

More Related Contents:

  1. What exactly is RESTful programming?
  2. HTTP GET with request body
  3. 400 BAD request HTTP error code meaning?
  4. SOAP vs REST (differences)
  5. What is the proper REST response code for a valid request but an empty data?
  6. HTTP response code for POST when resource already exists
  7. What is RESTful programming?
  8. Designing URI for current logged in user in REST applications
  9. Update an entire resource collection in a REST way
  10. When is it appropriate to respond with a HTTP 412 error?
  11. How to do a PUT request with cURL?
  12. What REST PUT/POST/DELETE calls should return by a convention?
  13. RESTful – What should a DELETE response body contain
  14. Place API key in Headers or URL
  15. Response status code for searches in REST APIs
  16. Status code when deleting a resource using HTTP DELETE for the second time
  17. What is the difference between POST and PUT in HTTP?
  18. REST HTTP status codes for failed validation or invalid duplicate
  19. REST API error return good practices [closed]
  20. REST API Best practice: How to accept list of parameter values as input [closed]
  21. What’s the difference between “Request Payload” vs “Form Data” as seen in Chrome dev tools Network tab
  22. Content-Length header with HEAD requests?
  23. secure api data from calls out of the app
  24. Are there any naming convention guidelines for REST APIs? [closed]
  25. Custom HTTP Authorization Header
  26. How to expose a RESTful Web Service using Meteor
  27. REST API – Bulk Create or Update in single request [closed]
  28. What is the difference between a HTTP-Get and HTTP-POST and why is HTTP-POST weaker in terms of security
  29. How do I get the body of a web request that returned 400 Bad Request from Invoke-RestMethod
  30. Get/post to RESTful web service

Leave a Comment