Crash course in sane Web programming

What the current SOAP fad has done is to make us forget how to build and deploy applications on the Web according to the true HTTP specification. Even wikipedia is incredibly confused and confusing with respect to HTTP. It is ridiculously simple, but overly ignored and misrepresented.

GET Get some resource identified by a URI. This request should not change the state of the resource.
The resource itself may change over time however.

Add a new resource (post a new message, a new comment, a new post, a new file) or modify an existing resource. The provided URI is not the URI of the new resource, but rather the URI of a related resource (for example, the URI of the blog or posting board).


Create or replace a resource having the given URI. This method is idempotent!

DELETE Delete a resource.

What does this mean?

  • A POST from should never replace a resource. A POST form cannot be used to edit a post and is safe.
  • GET queries are stateless. No matter who does the GET, the same result should come out. If I copy and paste a URL in my browser and pass it to someone else, they should end up with the same resource. A GET query cannot create, change or delete a resource. GETs are safe. I should always be able to follow a link without fear of deleting or buying something.

As to why this might not work, see what Parand had to say about it.

2 thoughts on “Crash course in sane Web programming”

  1. In practice PUT and DELETE are rarely used and POST is rarely safe. Part of the problem is the lack of support for PUT and DELETE; I tried using them in a project last year but ended up giving up and going with POST because some toolkits and browsers just don’t support it.

Leave a Reply

Your email address will not be published. If you leave an email, you will be notified when there are replies. The comment form expects plain text. If you need to format your text, you can use HTML tags such <strong> and <em>. For formatting code as HTML automatically, I recommend