Comments (1)
benbunk
commented on May 13, 2024
I'm not entirely sure, but it seems that the HTTP Verbs chart https://github.com/WhiteHouse/api-standards#http-verbs is trying to avoid the sort of ambiguity that the HTTP protocol introduces (http://tools.ietf.org/html/rfc2616#page-51) in regard to POST, PUT, and method overrides.
For instance the chart says the the PUT method should only update and if the entity doesn't exist it should return an error. In the HTTP spec it is entirely valid for an origin server to only update entities when the PUT method is used as long as the server returns the correct status code
"If the Request-URI does not point to an existing resource, and that URI is capable of being defined as a new resource by the requesting user agent, the origin server can create the resource with that URI."
(http://tools.ietf.org/html/rfc2616#section-9.6)
The operative word is "can" essentially allowing the server to choose if it wants to implement the create operation or not. While in general it is perfectly acceptable to create an entity with PUT I believe the spirit of this document is to avoid such ambiguity. The same goes for POST and method overrides.
However, there is some ambiguity that isn't clarified here in regards to the responses from the PUT and POST methods.
For instance with POST if server creates an entity that results in a new URI then,
If a resource has been created on the origin server, the response
SHOULD be 201 (Created) and contain an entity which describes the
status of the request and refers to the new resource, and a Location
header (see section 14.30).
(http://tools.ietf.org/html/rfc2616#section-9.5)
The operative word being "should" which is even written in all caps to draw attention to itself in the document. Meaning that it doesn't really need to behave this way. So clarification would be appreciated.
Further if the action doesn't result in an entity with a URI we know it's appropriate but not required to return a 200 or 201 response.
"The action performed by the POST method might not result in a
resource that can be identified by a URI. In this case, either 200
(OK) or 204 (No Content) is the appropriate response status,
depending on whether or not the response includes an entity that
describes the result."
(http://tools.ietf.org/html/rfc2616#section-9.5)
Again, clarification here would be good. It would seem this type of behavoir is really geared more towards the method overloading aspect of the POST method and may not need clarification if there won't be any generic actions being created with the POST method.
from api-standards.
Related Issues (20)
- POST response format and behavior is not specified
- POST request payload, format, and behavior are not clearly specified
- Clarify how JSONP URLs are constructed
- Clarify file formats and use of Content-Type headers
- Recommend encoding type
- Recommend how capitalization is handled
- A few CDC Enhancements
- Consider using the IETF API-Problem specification for error messages HOT 1
- Thanks and FYI
- Extending guidelines to include APIs that need authentication and authorization
- Add rationale to some guidelines. HOT 3
- Broken link HOT 1
- License for the content
- Http Code In response Json is useless HOT 3
- Some questions on the directory structure HOT 1
- What is the license? HOT 2
- Write something about running multiple versions of the API
- JSONP
- Email confirmation RESTful api HOT 1
- Please update readme with correct apigee links HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from api-standards.