HTTP is the language of the web. If you’ve ever been involved in developing or communicating with a web server, chances are that you’ve been using HTTP.
HTTP is a server-client protocol. All communication is initiated by the client, in the form of an HTTP request. On receiving this request, the server sends an HTTP response back to the client.
Here is an excellent overview of HTTP that covers the structure of communication over HTTP— https://www.jmarshall.com/easy/http/
A simple HTTP request to fetch posts from a server could look like this –
GET /posts HTTP/1.1
The first part, GET is the HTTP method. The second part/posts are the URI. The third partHTTP/1.1 is the HTTP version.
The HTTP method indicates the action we wish to perform, and the URI indicates the resource that we want to perform the operation on.
The HTTP specification defines these methods – GET, POST, PUT, HEAD, DELETE, OPTIONS and a few more.
GET requests are used to retrieve information about the resource specified by the URI. GET is a safe method — that means a GET request should not result in any changes in the server state. It should not cause creation, updating or deletion of any application data. It should be used only for ‘read-only’ actions.
POST requests are used to submit data to the server. POST requests may contain a data payload to be submitted to the server. The action performed by the server is determined by the server code. POST requests may be used to create a new resource or to submit data for processing.
PUT requests are used to save an object at the location specified in the request URI. PUT requests should be idempotent. That means that if two or more identical PUT requests are received and executed, the result should be equivalent to executing such a request only once.
To draw an analogy, a=5 is an idempotent operation since running it once or multiple times results in the value of a being 5. In contrast, a=a+1 is not an idempotent operation, since the value of changes based on how many times we execute the operation.
DELETE requests are used to delete the object at the location specified in the request URI. DELETE requests are also idempotent.
HEAD requests are used to retrieve just the headers that would be present in the response of an equivalent GET call. It could be used simply to check whether or not a resource exists or to retrieve the Content-Length Header before deciding whether or not to download a large file. You could also check the Last-Modified header to see if the file was modified since you last retrieved it. The HEAD method is safe. All safe methods are also idempotent since doing nothing once has the same effect as doing nothing multiple times.
Not all POST methods need to be unsafe. We had a case where we needed to send a large number of email addresses to the server and respond with a yes or no for each of those addresses. It seemed like a GET request at first, but we discovered that some browsers and proxies limit the length of a GET request. It also started feeling more like the URI pointed to a processing service and not to an object, and that it would be fine to POST a list for processing.