Learnitweb

HTTP methods

HTTP (Hypertext Transfer Protocol) is the foundation of any data exchange on the Web and a protocol used for client-server communication. HTTP defines several methods (also known as verbs) that indicate the desired action to be performed on the identified resource.

1. GET

Purpose:

The GET method is used to request data from a server at a specific resource location. It is the most commonly used HTTP method.

Characteristics:

  • Safe: The GET method should not cause any side effects. It is meant only for data retrieval, not for modifying or updating resources.
  • Idempotent: Multiple GET requests to the same resource will return the same result (assuming no changes are made on the server in between).
  • Cacheable: Because it’s safe and idempotent, browsers and proxy servers can cache the response, improving performance.
  • Limited in Payload: The data is sent via the URL query string, which has length limitations.

Use Case:

  • Fetching a list of products from an e-commerce catalog.
  • Loading a user profile from an API.
  • Retrieving articles from a news API.

Example:

GET /users/123 HTTP/1.1
Host: example.com

The server responds with data about the user with ID 123.

2. POST

Purpose:

The POST method is used to submit data to the server for processing. It is typically used when creating a new resource.

Characteristics:

  • Not Idempotent: Sending the same POST request multiple times will likely result in multiple resources being created.
  • Flexible: Can be used for operations like user registration, file uploads, or starting workflows.
  • Body Required: Data is sent in the body of the request, commonly in JSON, XML, or form-encoded formats.
  • Not Cacheable: Most responses from POST are not cacheable by default.

Use Case:

  • Registering a new user on a platform.
  • Submitting a contact form or survey response.
  • Sending transaction data in an e-commerce platform.

Example:

POST /users HTTP/1.1
Host: example.com
Content-Type: application/json

{
  "name": "John Doe",
  "email": "john@example.com"
}

The server creates a new user record.

3. PUT

Purpose:

The PUT method is used to replace an existing resource or create it if it doesn’t already exist.

Characteristics:

  • Idempotent: Making the same PUT request multiple times will result in the same server state.
  • Full Update: When used to update a resource, it usually replaces the entire entity with the one provided in the request body.
  • URI-Specific: The client specifies the resource URI, unlike POST, where the server often decides the new URI.

Use Case:

  • Updating a user profile with all new values.
  • Replacing a document stored in a database.
  • Saving configuration settings.

Example:

PUT /users/123 HTTP/1.1
Host: example.com
Content-Type: application/json

{
  "name": "John Doe Updated",
  "email": "john.updated@example.com"
}

Replaces the user data with the new values.

4. PATCH

Purpose:

The PATCH method is used for partial updates to an existing resource. Unlike PUT, it only modifies the fields included in the request body.

Characteristics:

  • May or may not be Idempotent: It depends on the server implementation. Generally, it should be.
  • Efficient for Partial Changes: Only the changed values need to be sent, reducing bandwidth usage.
  • Selective: Doesn’t affect other parts of the resource that are not mentioned in the request.

Use Case:

  • Updating a user’s email address without modifying the rest of their profile.
  • Toggling a task’s status from “pending” to “completed”.
  • Adjusting only a product’s price without changing its name or description.

Example:

PATCH /users/123 HTTP/1.1
Host: example.com
Content-Type: application/json

{
  "email": "john.new@example.com"
}

Only the email of the user is updated.

5. DELETE

Purpose:

The DELETE method is used to remove a specified resource from the server permanently.

Characteristics:

  • Idempotent: Multiple DELETE requests on the same resource will have the same effect — the resource is removed after the first request and subsequent requests will likely return a “not found” response.
  • Permanent Action: In most cases, deletion cannot be undone unless there’s a trash/recycle-bin-like system on the server.
  • May Return Status: The server may return 204 No Content (successful deletion), 404 Not Found (resource doesn’t exist), or other status codes.

Use Case:

  • Deleting a user account.
  • Removing a comment or blog post.
  • Cancelling an order.

Example:

DELETE /users/123 HTTP/1.1
Host: example.com

Removes the user with ID 123.

6. HEAD

The HEAD method is used to fetch metadata (headers) only, without the response body. It is similar to GET, but does not return the actual resource.

Behavior and Characteristics:

  • Safe and Idempotent: Like GET, it does not change anything and can be repeated with the same result.
  • Useful for Checking Existence: You can use it to verify that a resource exists before downloading it.
  • Used in Monitoring and Optimization: Helps in checking modification dates, content length, or presence without downloading content.

Use Cases:

  • Checking if a file has changed (using Last-Modified or ETag headers).
  • Verifying if an image or document exists before loading it.
  • Determining the size of a resource (via Content-Length header).

Example:

HEAD /images/photo.jpg HTTP/1.1
Host: api.example.com

7. OPTIONS

Purpose:

The OPTIONS method is used to describe the communication options available for a specific URL or for the server in general.

Behavior and Characteristics:

  • CORS Preflight Requests: Browsers use OPTIONS to check whether a cross-origin request is allowed.
  • Safe and Idempotent: It’s purely informational and has no side effects.
  • Returns Allowed Methods: It usually responds with an Allow header listing supported methods like GET, POST, etc.

Use Cases:

  • Determining what HTTP methods are supported by a resource.
  • Used automatically by browsers during cross-origin AJAX requests.
  • Server discovery and documentation tools.

Example:

OPTIONS /users HTTP/1.1
Host: api.example.com

Response:

Allow: GET, POST, PUT, PATCH, DELETE, OPTIONS

8. TRACE

Purpose:

The TRACE method is used to diagnose or debug what a web server is receiving by echoing back the request.

Behavior and Characteristics:

  • Rarely Used: Most servers disable it due to security concerns.
  • Echo Functionality: The server returns the original HTTP request in the body of the response.

Use Cases:

  • Debugging tools to test if intermediate proxies are modifying the request.
  • Testing end-to-end request path.

Security Note:

Because it can reveal sensitive information in HTTP headers, it is often turned off in production environments.

9. CONNECT

Purpose:

The CONNECT method is used to establish a network tunnel, typically for HTTPS requests through a proxy.

Behavior and Characteristics:

  • Establishes TCP Tunnels: Often used to open a two-way tunnel (e.g., from client to a secure site through a proxy).
  • Used in Browsers: When connecting to an HTTPS site via a proxy, browsers send a CONNECT request.

Use Cases:

  • Creating a tunnel to support encrypted HTTPS connections via HTTP proxies.
  • Secure VPN connections.

Example:

CONNECT www.example.com:443 HTTP/1.1
Host: www.example.com