Since verbs target a URL like server.domain/getallrecords or server.domain/delete1record or something similar. And getallrecords, delete1record are specifically designed for specific purposes, why do we need Verbs here ?
Whats the difference between a get call to
server.domain/getallrecords or
server.domain/delete1record
or a put (or post or delete) call to any of the above URL ?
If you go the RPC way it seems like HTTP verbs are useless.
HTTP verbs are a good companion of REST-style HTTP services, because resource-oriented URIs won't contain an action identifier but a resource.
For example, server.domain/getallrecords would be server.domain/records and if you perform a request to this resource using HTTP/GET, resource will be mapped to a server method which will return all records, if you perform the same request using HTTP/POST, it would create a new record, and so on.
You need to decide: RPC or REST, and depending on this, you'll find HTTP verbs useful or not. I would suggest you that using HTTP verbs is a good way of using a well-known protocol - HTTP - with predefined verbs, instead of inventing your own ones. But again, it depends on your own thoughts, preferences and requirements.
In a rest API, say you have 4 endpoints for an inventory API
is for creation of an item
is for modification (edit operation) of an item(s)
is for deletion of an item
is for view of an item
The API endpoint would look like these:
servername.domain/createItem
servername.domain/editItem
servername.domain/deleteItem
servername.domain/viewItems
but if we use verbs, we will only need 1 endpoint, since the endpoint can figure out what operation to do given the HTTP verb
servername.domain/inventory
if that endpoint receives a GET, its the /viewItems
if that endpoint receives a POST, its the /createItems
if that endpoint receives a PUT, its the /editItems
if that endpoint receives a DELETE, its the /deleteItems
Related
For start - I understand the difference between GET and POST.
What I don't understand is how does a request that doesn't mention either of them work, when and why would I want to use it?
Here's an example from ASP.NET Docs:
Map method
MapGet method
MapPost method
HTTP requests always have an HTTP method associated with them. GET and POST are two such methods, but there are others (see here).
When you call the MapGet, MapPost, or Map methods, you are creating "rules" that ASP.NET will use to route incoming requests to different parts of your application code, depending on which rules are matched.
Part of each rule is the route pattern itself, but you can also require a specific HTTP method in order for a rule to be matched. That's what MapGet and MapPost are doing - when you use them, they will only match requests that also have the appropriate HTTP method (GET and POST, respectively). In contrast, Map will match any incoming request (that also matches the route pattern), regardless of the HTTP method of the request.
This can be an easy way to get your application to behave differently depending on the HTTP method that is used. For example, you could use MapGet to route GET requests to a method that will return something, while using MapPost to route POST requests to a method that will create a new record. If you want your application to behave the same way for all requests (or you want to programmatically check the request method), you could just use Map.
I'm having a following problem with camel http requests. I would want to preserve a value of url query string parameter without passing it to another http request that needs to be done on the route. The value is needed after the http request to external api to process the data. Below is a clarification of the problem:
rest("/api")//We get requests as /camel/api?param1=xyz...
.get()
.route()
.setHeader(Exchange.HTTP_METHOD, constant("GET"))
.setHeader("Accept-Encoding", constant("gzip"))
.setHeader("Accept", constant("*/*"))
.removeHeader(Exchange.HTTP_URI)//Remove this
//How do I prevent the {header.param1} from being passed to the following http request but still be able to use it after the request on the route?
.to("https://someapi.org/api/...")
//To process the result, we need the original {header.param1} value from the request to this /camel/api endpoint
.endRest();
What is the correct way to achieve this?
If you receive parameters that are only needed in the current route and should not be passed on to any other endpoints, you can also copy them over to Exchange properties and delete the headers.
In contrast to message headers, the Camel Exchange properties are not propagated to routings and they are removed together with the Exchange when the message reaches an end of the current route.
.setProperty("param1", header("param1")) // create property from header
.removeHeader("param1") // remove the header
This is a very explicit and transparent way to do this, but you have to do it everywhere you need it. So it is good for exceptional cases that you want to make explicit.
On the other hand a HeaderFilterStrategy prevents sending specific headers (based on patterns) to the endpoints you configure it. So it is very good for general header rules you want to apply to all endpoints of a specific type (for example to all HTTP endpoints).
I have read many discussions on this, such as the fact the PUT is idempotent and POST is not, etc. However, doesn't this ultimately depend on how the server is implemented? A developer can always build the backend server such that the PUT request is not idempotent and creates multiple records for multiple requests. A developer can also build an endpoint for a PUT request such that it acts like a DELETE request and deletes a record in the database.
So my question is, considering that we don't take into account any server side code, is there any real difference between the HTTP methods? For example, GET and POST have real differences in that you can't send a body using a GET request, but you can send a body using a POST request. Also, from my understanding, GET requests are usually cached by default in most browsers.
Are HTTP request methods anything more than just a logical structure (semantics) so that as developers we can "expect" a certain behavior based on the type of HTTP request we send?
You are right that most of the differences are on the semantic level, and if your components decide to assign other semantics, this will work as well. Unless there are components involved that you do not control (libraries, proxies, load balancers, etc).
For instance, some component might take advantage of the fact that PUT it idempotent and thus can re retried, while POST is not.
The Hypertext Transfer Protocol (HTTP) is designed to enable communications between clients and servers.
HTTP works as a request-response protocol between a client and server.
A web browser may be the client, and an application on a computer that hosts a web site may be the server.
Example: A client (browser) submits an HTTP request to the server; then the server returns a response to the client. The response contains status information about the request and may also contain the requested content.
HTTP Methods
GET
POST
PUT
HEAD
DELETE
PATCH
OPTIONS
The GET Method
GET is used to request data from a specified resource.
GET is one of the most common HTTP methods.
Note that the query string (name/value pairs) is sent in the URL of a GET request.
The POST Method
POST is used to send data to a server to create/update a resource.
The data sent to the server with POST is stored in the request body of the HTTP request.
POST is one of the most common HTTP methods.
The PUT Method
PUT is used to send data to a server to create/update a resource.
The difference between POST and PUT is that PUT requests are idempotent. That is, calling the same PUT request multiple times will always produce the same result. In contrast, calling a POST request repeatedly have side effects of creating the same resource multiple times.
The HEAD Method
HEAD is almost identical to GET, but without the response body.
In other words, if GET /users returns a list of users, then HEAD /users will make the same request but will not return the list of users.
HEAD requests are useful for checking what a GET request will return before actually making a GET request - like before downloading a large file or response body.
The DELETE Method
The DELETE method deletes the specified resource.
The OPTIONS Method
The OPTIONS method describes the communication options for the target resource.
src. w3schools
Is an API endpoint the 'method', like https://api.foursquare.com/v2/venues/ or the full URL including non-query-string parameters like https://api.foursquare.com/v2/venues/5104
In other words, are these two separate endpoints or considered the same endpoint?
http://myapi.com/somemodel/1
http://myapi.com/somemodel/2
According to this Wikipedia article, the endpoint is a web service, defined by a WSDL file, and
does nothing more than define the
address or connection point to a web
service. It is typically represented
by a simple HTTP URL string.
Microsoft uses the term endpoint in various contexts, but they all amount to the same thing: the endpoint is the entire interface, not one particular method.
In the context of a REST endpoint, the endpoint would contain the requisite GET, PUT, POST and DELETE methods (as applicable).
Is it allowable to pass parameters to a web page through the URL (after the question mark) when using the POST method? I know that it works (most of the time, anyways) because my company's webapp does it often, but I don't know if it's actually supported in the standard or if I can rely on this behavior. I'm considering implementing a SOAP request handler that uses a parameter after the question mark to indicate that it is a SOAP request and not a normal HTTP request. The reason for this that the webapp is an IIS extension, so everything is accessed via the same URL (ex: example.com/myisapi.dll?command), so to get the SOAP request to be processed, I need to specify that "command" parameter. There would be one generic command for SOAP, not a specific command for each SOAP action -- those would be specified in the SOAP request itself.
Basically, I'm trying to integrate the Apache Axis2/C library into my webapp by letting the webapp handle the HTTP request and then pass off the incoming SOAP XML to Axis2 for handling if it's a SOAP request. Intuitively, I can't see any reason why this wouldn't work, since the URL you're posting to is just an arbitrary URL, as far as all the various components are concerned... it's the server that gives special meaning to the parts after the question mark.
Thanks for any help/insight you can provide.
Lets start with the simple stuff. HTTP GET request variables come from the URI. The URI is a requested resource, and so any webserver should (and apache does) have the entire URI stored in some variable available to the modules or appserver components running within the webserver.
An http POST which is different from an http GET is a separate logical call to the webserver, but it still defines a URI that should process the post. A good webserver (apache being one) will again make the URI available to whatever module or appserver is running within it, then will additionally make available the variables which were sent in the POST headers.
At the point where your application takes control from apache during a POST you should have access to both the GET and POST variables and be able to do whatever control logic you wish, including replying with a SOAP protocol instead of HTML.
If you are asking whether it is possible to send parameters via both GET and POST in a single HTTP request, then the answer is "YES". This is standard functionality that can be used reliably AFAIK.
One such example is sending authentication credentials in two pieces, one over GET and the other through POST so that any attempt to hijack a session would require hijacking both the GET and POST variables.
So in your case, you can use POST to contain the actual SOAP request but test for whether it is a SOAP request based on the parameter passed in GET (or in other words through the URL).
I believe that no standard actually defines the concept of "HTTP parameters" or "request variables". RFC 1738 defines that an URL may have a "search part", which is the substring after the question mark. HTML specifies in the form submission protocol how a browser processing a FORM element should submit it. In either case, how the server-side processes both the search part and the HTTP body is entirely up to the server - discarding both would be conforming to these two specs (but fairly useless).
In order to determine whether you can post a search part to a specific service, you need to study this service's protocol specification. If the service is practically defined by means of a HTML form, then you cannot use a mix - you can't even use POST if the FORM specifies GET (and vice versa). If you post to a web service, you need to look at the web service's WSDL - which will typically mandate POST; with all data in a SOAP message. Etc.
Specific web frameworks may have the notion of "request variables" - whether they will draw these variables both from a search part and a request body, you need to find out in the product documentation.
I deployed a web application with 3 (a mobile network operator) in the UK. It originally used POST parameters, but the 3 gateway stripped them (and X-headers as well!). So beware...
allowable? sure, it's doable, but i'm leaning towards the spec suggesting dual methods isn't necessarily supposed to happen, or be supported. RFC2616 defines HTTP/1.1, and i would argue suggests only one method per request. if you think about your typical HTTP transaction from the client side, you can see the limitation as well:
$ telnet localhost 80
POST /page.html?id=5 HTTP/1.1
host: localhost
as you can see, you can only use one method (POST/GET, etc...), however due to the nature of how various languages operate, they may pick up the query string, and assign it to the GET variable. ultimately though, this is a POST request, and not a GET.
so basically, yes this functionality exists, is it intended? i would say no.