4

Since verbs target a URL like server.domain/getallrecords or server.domain/delete1record or something similar. And getallrecords, delete1record are specifically designed for specific purposes, why do we need Verbs here ?

Whats the difference between a get call to 

server.domain/getallrecords or 
server.domain/delete1record

or a put (or post or delete) call to any of the above URL ?

John Saunders
  • 159,224
  • 26
  • 237
  • 393
user4032346
  • 379
  • 1
  • 4
  • 10

1 Answers1

8

If you go the RPC way it seems like HTTP verbs are useless.

HTTP verbs are a good companion of REST-style HTTP services, because resource-oriented URIs won't contain an action identifier but a resource.

For example, server.domain/getallrecords would be server.domain/records and if you perform a request to this resource using HTTP/GET, resource will be mapped to a server method which will return all records, if you perform the same request using HTTP/POST, it would create a new record, and so on.

You need to decide: RPC or REST, and depending on this, you'll find HTTP verbs useful or not. I would suggest you that using HTTP verbs is a good way of using a well-known protocol - HTTP - with predefined verbs, instead of inventing your own ones. But again, it depends on your own thoughts, preferences and requirements.

Matías Fidemraizer
  • 61,574
  • 17
  • 117
  • 195
  • 1
    Allow me to add to this answer that your default cross domain reference protections by default will prevent Verbs such as `DELETE`, `POST` and `PUT` from being accessible. If you use `GET` for everything, a malicious site could use code such as `` to trigger a delete attempt by all visiting users. If one of your users which is authorized to do so visits this site, then you could be in trouble. – tom.dietrich Sep 11 '14 at 19:36
  • 1
    @tom.dietrich BTW the scenario of removing records using `GET` verb is just a design flaw, isn't it? – Matías Fidemraizer Sep 11 '14 at 19:39
  • I don't think ASP.NET prevents cross domain `GET` requests by default, but I might be mistaken. I would definitely suggest that using `GET` for anything that is not simply retrieving data is a bad idea. – tom.dietrich Sep 11 '14 at 19:42
  • @tom.dietrich I've dropped all my comments. Now I know they were part of an useless discussion which doesn't add any value to my answer and OP's question. Now it's up to you to do so, because your comments don't help future visitors. Add your own answer explaining your own throughts, this is how SO works. – Matías Fidemraizer Sep 12 '14 at 12:47