Crash course in sane Web programming

What the current SOAP fad has done is to make us forget how to build and deploy applications on the Web according to the true HTTP specification. Even wikipedia is incredibly confused and confusing with respect to HTTP. It is ridiculously simple, but overly ignored and misrepresented.

GET Get some resource identified by a URI. This request should not change the state of the resource.
The resource itself may change over time however.

Add a new resource (post a new message, a new comment, a new post, a new file) or modify an existing resource. The provided URI is not the URI of the new resource, but rather the URI of a related resource (for example, the URI of the blog or posting board).


Create or replace a resource having the given URI. This method is idempotent!

DELETE Delete a resource.

What does this mean?

  • A POST from should never replace a resource. A POST form cannot be used to edit a post and is safe.
  • GET queries are stateless. No matter who does the GET, the same result should come out. If I copy and paste a URL in my browser and pass it to someone else, they should end up with the same resource. A GET query cannot create, change or delete a resource. GETs are safe. I should always be able to follow a link without fear of deleting or buying something.

As to why this might not work, see what Parand had to say about it.

Published by

Daniel Lemire

A computer science professor at the University of Quebec (TELUQ).

2 thoughts on “Crash course in sane Web programming”

  1. In practice PUT and DELETE are rarely used and POST is rarely safe. Part of the problem is the lack of support for PUT and DELETE; I tried using them in a project last year but ended up giving up and going with POST because some toolkits and browsers just don’t support it.

Leave a Reply

Your email address will not be published. Required fields are marked *

To create code blocks or other preformatted text, indent by four spaces:

    This will be displayed in a monospaced font. The first four 
    spaces will be stripped off, but all other whitespace
    will be preserved.
    Markdown is turned off in code blocks:
     [This is not a link](

To create not a block, but an inline code span, use backticks:

Here is some inline `code`.

For more help see