REST和GET ...再次 [英] REST and GET ... again
问题描述
我很高兴与url之间的对应和资源,但为什么我的GET请求不能在请求的主体中使用json或xml(HTTP规范允许的)复杂的数据?
据我了解,GET的要点是GET请求表明它们不会修改服务器状态。这似乎与请求的复杂性正交。然而,许多人认为使用PUT或POST创建复杂的查询,然后在GET中引用。
这似乎在提升一个惯例(没有尸体在GET请求中)到原则的状态,带来不幸的副作用:必须维护另一个不适合自己作为资源的对象的状态 - 这就是查询。
但也许还有一些其他的原则我缺少 - 我欢迎您的意见! 恐惧的是,现有的网络中间商会放弃你的GET机构。幸运的是,新的httpbis规范已经重写了关于获取body的文本,并且让它变得更加可怕。就我个人而言,我正在考虑使用自己的身体获取,因为我想记录不安全的请求,目前我没有简单的方法来确定POST是否安全。
如果您可以控制位于您的用户代理和原始服务器之间的组件,那么我说继续,使用GET与body。
Generally speaking, the REST community seems to dislike complex data in GET requests. I wonder if there is a good principle behind this, or is it just reifying the (arbitrary url length) restrictions on GET dictionaries?
I am happy with the correspondence between urls and resources, but why can't my GET requests take complex data in the body of the request, in json or xml (which is allowed by the HTTP spec)?
The point of GET as I understood it was that GET requests signal that they don't modify server state. This seems orthogonal to the complexity of the request. Yet many people suggest that complex queries be created with a PUT or POST, and then referred to in a GET.
This seems to be elevating an convention (of not having bodies on GET requests) to the status of a principle, with unfortunate side effects: having to maintain the state of another object that doesn't deserve to be a resource on its own -- that is the query.
But perhaps there is some other principle I am missing -- I welcome your comments!
The fear is that existing web intermediaries will drop your GET body. Fortunately the new httpbis specs have reworded the text on get bodies and made it a little less scary. Personally, I'm considering using gets with bodies myself because I want to log unsafe requests and at the moment I have no easy way to identify if a POST is safe or not. If you have control over the components that sit between your user-agent and origin server then I say go ahead, use GETs with bodies.
这篇关于REST和GET ...再次的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
