Software Engineering Stack Exchange
Software Engineering Stack Exchange

Questions tagged [http-request]

111 questions
580
votes
1 answer

Is the use of "utf8=✓" preferable to "utf8=true"?

I have recently seen a few URIs containing the query parameter "utf8=✓". My first impression (after thinking "mmm, looks cool") was that this could be used to detect a broken character encoding. So, is this a better way to resolve potential…
Gary
  • 24,420
  • 9
  • 63
  • 108
200
votes
7 answers

How do searches fit into a RESTful interface?

When designing a RESTful interface, the semantics of the request types are deemed vital to the design. GET - List collection or retrieve element PUT - Replace collection or element POST - Create collection or element DELETE - Well, erm, delete…
Rob Baillie
  • 2,416
  • 2
  • 13
  • 12
136
votes
6 answers

Why shouldn't a GET request change data on the server?

All over the internet, I see the following advice: A GET should never change data on the server- use a POST request for that What is the basis for this idea? If I make a php service which inserts data in the database, and pass it parameters in…
Devdatta Tengshe
  • 2,514
  • 4
  • 21
  • 22
101
votes
6 answers

Should we create a new single instance of HttpClient for all requests?

recently I came across this blog post from asp.net monsters which talks about issues with using HttpClientin following way: using(var client = new HttpClient()) { } As per the blog post, if we dispose the HttpClient after every request it can keep…
Ankit Vijay
  • 1,568
  • 3
  • 10
  • 13
90
votes
4 answers

What belongs in an HTTP request header vs the request body?

I'm working on a set of web services for a mobile client, and the requirements call for a unique device id to be included with all requests, to be stored in certain requests, and used to filter results in others. A suggestion was made that it be…
Mike Partridge
  • 6,587
  • 1
  • 25
  • 39
70
votes
2 answers

How should a REST API handle PUT requests to partially-modifiable resources?

Suppose a REST API, in response to a HTTP GET request, returns some additional data in a sub-object owner: { id: 'xyz', ... some other data ... owner: { name: 'Jo Bloggs', role: 'Programmer' } } Clearly, we don't want anyone to be…
Robin Green
  • 1,233
  • 1
  • 9
  • 22
64
votes
10 answers

How do I mitigate a scenario where a user goes to pay, but the price is changed mid-request?

This is kind of similar to the Two Generals' Problem, but not quite. I think there is a name for it, but I just can't remember it right now. I am working on my website's payment flow. Scenario Alice wants to pay Bob for a service. Bob has quoted…
turnip
  • 1,657
  • 2
  • 15
  • 21
16
votes
1 answer

Use Case of HTTP GET Request with a Body

I am maintaining a old .aspx page in which all the data required by the page to show the content is passed in the URL of the GET request as a part of query string. The result of this is that, as we keep on adding features, the URL keeps getting…
kumarmo2
  • 269
  • 1
  • 2
  • 5
15
votes
6 answers

What reasons are there AGAINST using only POST HTTP verb in an API?

I am researching before starting to work on an API for a web-service I am building. The goal is to be very quick and easy to adapt and use for other developers but fairly hidden for clients using a collection of Webapps to make calls to the service…
gaugau
  • 269
  • 2
  • 8
13
votes
3 answers

Is it safe to transmit access tokens via HTTP headers?

It's the first RESTful web service and I am concerned about security issues. Is it safe to transmit my access token via HTTP headers? For example: POST /v1/i/resource HTTP/1.1 Content-Type: application/x-www-form-urlencoded Api-key:…
ahmedsaber111
  • 233
  • 1
  • 2
  • 5
11
votes
2 answers

What is a proper response status code to POST when parent resource is not found?

I've the following endpoint: a/{id}/b and want to create a b with sending POST request to it. If a with given {id} is not found should I response with 404 NOT_FOUND or maybe with 409 CONFLICT? It is to handle plain a/{id}, the trick is that here a…
Opal
  • 275
  • 1
  • 2
  • 9
8
votes
5 answers

How to map "mv" operation to HTTP verbs?

In designing a RESTful api the problem arises as to how best to allow resources to be moved between collections. Renaming a resource could be done by using PATCH but this is not the same thing as moving the resource between collections. Also it is…
Jon Guiton
  • 191
  • 5
8
votes
3 answers

REST Webservices (post / put) : which type of parameter should I choose, and when?

On a POST (or PUT) webservice, I know can use three different type of parameters, I can send my parameters in the path of the URL /objects/{path_param}, after a question mark in the URL /objects?{param_name}={Param_value} or in the body of the…
gvo
  • 676
  • 2
  • 5
  • 14
8
votes
1 answer

Rendering head :ok vs head :no_content. Any good practices?

Whenever I take in data and do something like delete a post, etc. I generally return head :no_content. For example: def destroy @post = Post.find_by(external_id: params[:post_id]) @post.destroy! head :no_content end Is it good practice to…
David
  • 219
  • 1
  • 2
  • 5
7
votes
2 answers

Is repeating an identifier on an API request and response considered a code smell

Is it weird to have an identifier such as (_id) on a request which you send to the API, which "enriches" the request and sends back a response with the same identifier (but obviously more enriched data)? For example - you send request {_id: 1111}…
AvetisCodes
  • 1,544
  • 3
  • 14
  • 26
1
2 3 4 5 6 7 8