0

  1. Sometimes it may need query data which can exceed GET length limit so I am considering to use POST. Query does change anything, just returns data according to the parameters.

  2. I am using GET for link with token which is sent as email for user. It changes state so GET is not suitable but more convenient to use.

Is it good practice to use these solutions?

Justinas Jakavonis
  • 8,220
  • 10
  • 69
  • 114

1 Answers1

1
  1. This is not in the spirit of what a POST is intended for within the HTTP specification, but it doesn't break any rules provided you return a suitable response - I assume 200 (OK) - rather than one that indicates the creation of a resource. Before going down this route I suggest you consider whether you can reduce your query string length by encapsulating parameter information as resource or collection identifiers within the URI. For example if you have a query GET http://host/customer?country=UK&name=foo you could represent this as GET http://host/country/UK/customers/foo.
  2. Any use of GET that changes state is not 'Safe' and therefore violates the HTTP specification.

So, in both cases I would say this is bad practice, but (1) is allowable provided you genuinely cannot overcome the querystring limit some other way.

Source: RFC2616 - section 9: Method definitions

ma499
  • 601
  • 4
  • 13