2

Using REST principles and HTTP headers, I want to tell my clients that my response is READ-ONLY. My Content-Type is text/plain. Some of my responses are READ-ONLY and others are not, and my client can't tell the difference until he does a PUT and it errors out, making for a bad user experience.

Do I need to set my Content-Type to text/vnd.read-only or application/octet-string?

VernonFuller
  • 1,445
  • 2
  • 10
  • 10
  • Return the status as part of the data. – user2864740 Mar 27 '15 at 16:39
  • What is your content? If it's JSON (then you shouldn't use text/plain) or any other object type you could include a field in the response. There's no standard HTTP header for this. – CodeCaster Mar 27 '15 at 16:40
  • The data is a user contributed plain text document. I could add a field to my JSON meta data that describes the document. – VernonFuller Mar 27 '15 at 16:57
  • You already answered your question. HTTP OPTIONS. Adding a 'read-only' field to the payload is something you have to document for your media-type. It's not an HTTP feature. – Pedro Werneck Mar 27 '15 at 17:35

3 Answers3

3

Usually, a client would make an HTTP OPTIONS request to the resource. If the PUT is listed in the "Allow" header, then the resource can be modified.

If there is a Content-Type response of application/JSON, then a field could be added to the JSON metadata that marks the payload as READ-ONLY.

VernonFuller
  • 1,445
  • 2
  • 10
  • 10
0

I don't think that there is a dedicated HTTP header for this.

That said, I see however two possibilities to provide this hint within your response:

  • Add a custom header within your response that tells the end user that the content is read-only. Something like that:

    GET http://...
(...)
Content-type: application/json
x-readonly: true
{
    (...)
}

  • You could also add a parameter within the header Content-Type. See this link http://www.ietf.org/rfc/rfc1521.txt (page 9) for the format of this header. You can see that you can add parameter in it. This won't break its handling by REST libraries and frameworks. So you could have something like that:

    GET http://...
(...)
Content-type: application/json; readonly=true
{
    (...)
}

Hope it helps you, Thierry

Thierry Templier
  • 198,364
  • 44
  • 396
  • 360
-2

Maybe you can use statuscode for this issue? http://en.wikipedia.org/wiki/List_of_HTTP_status_codes

miago
  • 119
  • 1
  • 1
  • 7
  • 1
    Which one then? The only viable for a successful GET is 200, which you can't use to tell the response is read-only. OP doesn't want to return a 4xx _after_ the PUT, but wants to transfer the information of the entity being read-only after the GET so the client knows it can't PUT that entity at all. – CodeCaster Mar 27 '15 at 16:47
  • @miago : If giving an answer, please consider https://stackoverflow.com/help/how-to-answer . – philburns Nov 18 '22 at 19:47