#TIL the query component of a URI is actually completely opaque.
-
trwnh@mastodon.socialreplied to jbqueru@fosstodon.org on last edited by
@jbqueru the form thing is really getting to me; i only found any of this out because i was looking at the problem of ordering "query parameters" causing two URIs to be semantically equivalent despite being syntactically different.
-
oblomov@sociale.networkreplied to trwnh@mastodon.social on last edited by
@trwnh doesn't that kind of depend on the type of form? Classically for a something like a search GET would be a more appropriate method than POST or PUT …
-
trwnh@mastodon.socialreplied to oblomov@sociale.network on last edited by
@oblomov maybe? i can see arguments for search being a POST.
-
trwnh@mastodon.socialreplied to trwnh@mastodon.social on last edited by
@oblomov the semantic argument might be that GET is appropriate for when you want to refer to a query itself, for example using /search?bananas to search for "bananas". but the problems with GET are numerous:
- query components are often logged, while request bodies are not
- query components are limited in how complex they can get -- it's not easy to represent arrays, maps, hierarchical data, and so on
- search may be an expensive request, so better to not allow any old browser to do it -
@trwnh
Credit Card Debt over $20k? We Can Help - No Return pay
https://shorturl.at/6s7Ze -
socialoffers@mastodon.socialreplied to trwnh@mastodon.social on last edited by
@trwnh
#1 Weird Trick To End Tinnitus This Thanksgiving In Just 30 Seconds A Day
https://shorturl.at/E3GNR -
sankerkk@mastodon.socialreplied to trwnh@mastodon.social on last edited by
@trwnh
“Night Vision” Glasses Help Seniors Drive Safely At Night - Buy Now
https://shorturl.at/w7hNH -
dalias@hachyderm.ioreplied to trwnh@mastodon.social on last edited by
@trwnh Unless I'm mistaken it's part of the CGI spec not URI spec.
-
trwnh@mastodon.socialreplied to dalias@hachyderm.io on last edited by
@dalias yeah i figured this out downthread -- it's HTML 2.0 forms and application/x-www-url-formencoded when the form method=get
CGI also popularized it as well, although CGI takes the opaque QUERY_STRING so the convention mostly arises from html form encoding
-
oblomov@sociale.networkreplied to trwnh@mastodon.social on last edited by
@trwnh hm I'm not convinced. The main issue is that neither POST nor PUT are conceptually appropriate. Among the methods defined by HTTP, GET is the one that's conceptually closest. OTOH, those *are* problems with using a query string. Maybe they could be reduced by other means, such as additional headers or body payload (GET *can* have a payload)
-
deepaklonnu@mastodon.socialreplied to trwnh@mastodon.social on last edited by
@trwnh
ENENCE Instant Translator: Any Language, Any Country
https://shorturl.at/QSb7Z -
trwnh@mastodon.socialreplied to oblomov@sociale.network on last edited by
@oblomov well POST is "do something" not necessarily "create something". https://www.rfc-editor.org/rfc/rfc9110.html#section-9.3.3
> process the representation enclosed in the request according to the resource's own specific semantics
imo "take this request, parse some params out of it, then perform the action" is a valid way of thinking about search.
as for GET,
> requests transfer of a current selected representation for the target resource
is often but not always appropriate. depends on if you see results as a resource.
-
trwnh@mastodon.socialreplied to trwnh@mastodon.social on last edited by
and that's what it really comes down to imo -- the use of a query component fundamentally alters the identity, you are asking for a different resource when you append the query component. /search and /search?query are different resources.
-
vcvwvwvsw@mastodon.socialreplied to trwnh@mastodon.social on last edited by
@trwnh
Greater than $20k in Credit Card Debt -- We Can Help
https://shorturl.at/toZJL -
oblomov@sociale.networkreplied to trwnh@mastodon.social on last edited by
@trwnh oh good point, so if it's done by GET it *must* include the query parameters in the URL. And yeah, now I can see better why POST would be a better choice.
-
trwnh@mastodon.socialreplied to oblomov@sociale.network on last edited by
@oblomov there is one advantage to GET and that is the ability to share search results by copypasting a link to someone else or using it as an href
-
at1st@mstdn.careplied to trwnh@mastodon.social on last edited by
@trwnh @oblomov I'd add one additional benefit: they're infinitely easier to debug and test.
At least it's pretty common practice as I recall in Java EE to make an HttpServlet, generate doGet/doPost, and have doPost just call doGet, or vice versa.
Then GET URL calls let you diagnose what's being passed to which query parameter.
-
trwnh@mastodon.socialreplied to at1st@mstdn.ca on last edited by
-
jbqueru@fosstodon.orgreplied to trwnh@mastodon.social on last edited by
@trwnh No matter what assumption you make, you'll find some code out there that breaks that assumption. Everything web-related is a nightmare.
-
snowfox@tech.lgbtreplied to trwnh@mastodon.social on last edited by
@trwnh My favourite part of that rabbit hole is that + is (erroneously?) not reserved in RFCs 1738 or 1630 (and 1630's second BNF production for "safe" includes +): https://datatracker.ietf.org/doc/html/rfc1738#page-20 https://datatracker.ietf.org/doc/html/rfc1630#page-26
This, along with the "and then" in HTML 2.0, results in enough ambiguity that space-plus could be encoded as "++" or "%2B%2B" depending on how you interpret the spec.
From RFC 1630, it looks like "search" strings were originally intended to represent space-separated (user-specified?) search terms, and I still occasionally see query strings that are bare search strings.
Another fun thing is that RFC 1808 adds generic ;-params separate from the query string (and RFC 2396 moves them to be part of path components), but they are rarely used in HTTP and were too late for HTML forms. (I'm not sure any RFC defines semantics for "directory" params, but they exist.)