Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
LLAMS36644yThis rant is too generic for me to figure out if its a legit rant or trolling.
Like what are we talking here? Using all query params instead of a post body? or do you just hate all URL params? Including path params? -
Hazarth94844ySure It's legal, It's valid HTTPs...
Also the body of a Post is for data. But if you want to specify a resource that's where url params and query params come in...
POST body should for the most part include things that are actually gonna be saved or used for creating a resource.
URL params should specify *which* resource you're using
Query params should further specify the scope of the resource if needed!
This is a made up nonsense example, but say you have a system like DevRant, and as an admin you want to post a comment on all rants tagged with "javascript" for the user "jerry". The Request might look like this then:
POST /user/jerry/rants?tag=javascript
Body:
{"text":"Stop pls..."}
I can't think of an actually useful example right now, but you can see the separation of concerns. It's cleaner than posting a body that has to be parsed into several objects and fields just to filtered and processed.
Kinda as if your post envelope had the address and stamp on the inside -
lotd77754y@Hazarth mmh.
I kinda assumed that a post request expecting all params to be in query.
Too used to it. I usually just use jq or other to serialize the form in those cases.
It's slightly annoying with like forms containing personal data, like names or worse.. credit cards..
I usually just shrug and go " I just work here " in those cases. -
kyokid4084y@Hazarth fair enough. I totally get your point of view, but the API I'm supposed to work with requires me to send 30+ params as query string params (including stringifying an array because why not?) while the request body has to be empty. Do you feel my pain?
-
eo287539924yIn the WordPress API, you sometimes have to authenticate through the query instead of the headers because the plugins erase the headers. But WordPress sucks and query authentication sucks too.
-
POST request is for sensitive or long data, if there is some other kind of data which isn't either of above and is related to request metadata, then, it's good to put it as query parameter.
-
Hazarth94844y@kyokid
Oh god no... That's much worse than I thought and honestly breaks all the rules I tried to describe...
Yeah, that's not right :(
Link the http reference sheet to the backend devs, they don't know what they are doing -
LLAMS36644y@kyokid Thats all kinds of awful, and will almost certainly run into url character limit related issues at some point.
Related Rants
What do you guys think about backend developers who design&implement POST requests with URL parameters? Is this even legal? 🙄
rant
backend dev
post
api design
rest api
backend