Re: Evaluating HTTP Methods in the Spec

Adam van den Hoven wrote:
> Good morning, 
>
> I've been thinking about this as I'm building an online banking 
> application for the iPhone. I've often argued that HTML browsers are 
> not RESTful clients since they are only capable of issuing GET and 
> POST commands (at least from user initiated events). JavaScript and 
> the XHR object is restful, but the browser itself is not. I've always 
> thought that this was a failing of HTML; its resulted in some 
> (necessarily) unfortunate design. Either you use a GET to delete 
> something or you create a form that consists solely of a submit 
> button. Either you have suspicious markup or you have ill-advised 
> server code. 
>
> I think that there are some very simple things that we can do to 
> improve the state of things. 
>
> 1) Allow a METHOD attribute on any element that allows an HREF or 
> ACTION attribute (namely 'a' and 'form' tags)
> 2) Allow any HTTP method in the METHOD attribute, including those not 
> defined by HTTP. (i.e. allow one to introduce new, ad hoc methods - 
> which is allowed by the HTTP spec - without breaking HTML)
Unfortunately it is not clear that this will not break sites. At present 
unknown methods are treated as GET in browsers; this behavior is 
required in the web-forms 2 draft [1]. There is also a non-negligible 
population of sites using method values not in the set (GET, POST, PUT, 
DELETE) (e.g. [2] which reports all method attribute values encountered 
on a survey of ~15k sites).

[1] http://www.whatwg.org/specs/web-forms/current-work/#methodAndEnctypes
[2] http://www.cl.cam.ac.uk/~pjt47/misc/method.txt

Received on Tuesday, 18 December 2007 23:31:03 UTC