Should a given URI in a RESTful architecture always return the same response?

Question

This is a follow-up question to this one.

So is having a unique response for any given URI a core tenet of RESTful architecture? A lot of discussion here tends in that direction, but I haven't seen it anywhere as a "hard and fast" rule.

I understand the value of it (for caching, crawling, passing links, etc.), but I also see things like the Twitter API violate it (a request to http://api.twitter.com/1/statuses/friends_timeline.xml will vary based on the username given), and I understand there are times when it may be necessary--not to mention that a chronologically paged resource will also change as new elements are added.

Should I strive for varied responses from the same URI to be eliminated altogether, or do I just accept that sometimes it isn't practical, and as long as I minimize its occurrence, I'll be in decent shape?

Recommended answer

Not the same response, but a representation (which depends on conneg and conditional request headers) of the same resource. In a REST architecture, a URI identifies one and only one resource (but a resource can have several URIs). Presenting a different resource depending on the authorized user (being HTTP Auth, cookies, ...) is bad practice, since the same URI represents a different resource for each user, as in the Twitter example. I can't allow you to view my timeline and give you the URI, since this is the same URI as for your timeline. The user must be encoded in the URI, and access limited by the authorization mechanism. To have a single access point presenting a different resource depending on the authenticated user, use a redirect (e.g. 303 See Other, 302 Found, ...).
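The layout the answer describes, sketched as an added example that is not part of the original answer: the user is encoded in the URI, an authorization check guards each timeline, and a single `/timeline` entry point only redirects with 303. The handler, the paths and the sample data are hypothetical, and the cache headers are an assumption about how such responses would be kept out of shared caches.

```python
# Constructed sample data (hypothetical users and posts).
TIMELINES = {"alice": ["alice: hello"], "bob": ["bob: hi"]}
# owner -> other users the owner has allowed to read the timeline
SHARED_WITH = {"alice": {"bob"}, "bob": set()}


def handle(path, auth_user):
    """Return (status, headers, body) for a GET made by auth_user (None = anonymous)."""
    if auth_user is None:
        return 401, {"WWW-Authenticate": 'Basic realm="api"'}, ""

    if path == "/timeline":
        # Single access point: it identifies no per-user resource itself and
        # only points at the URI that does. The target depends on who asks,
        # so the redirect must not be stored and replayed to another user.
        headers = {"Location": f"/users/{auth_user}/timeline",
                   "Cache-Control": "no-store"}
        return 303, headers, ""

    parts = path.strip("/").split("/")
    if len(parts) == 3 and parts[0] == "users" and parts[2] == "timeline":
        owner = parts[1]
        # Authorize before looking the owner up, so a caller without access
        # gets the same 403 whether or not that user exists.
        if auth_user != owner and auth_user not in SHARED_WITH.get(owner, set()):
            return 403, {}, ""
        if owner not in TIMELINES:
            return 404, {}, ""
        # One URI, one resource: every authorized caller gets the same body.
        return 200, {"Cache-Control": "private"}, "\n".join(TIMELINES[owner])

    return 404, {}, ""


if __name__ == "__main__":
    print(handle("/timeline", "alice"))              # redirect to alice's URI
    print(handle("/users/alice/timeline", "bob"))    # shared link works for bob
    print(handle("/users/bob/timeline", "alice"))    # not shared: 403
```
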
