7

Most of the times, websites mainly only use GET and POST for all operations, yet there are seven more verbs out there. Where they used in older times but not so much now?

Or maybe is it because some browsers don't recognize the other verbs? And if that's the case, why do browser vendors choose to implement half of the protocol?

[Update]

I found this article which gives a good summary about the situation: Why REST failed.

Andreas Grech
  • 105,982
  • 98
  • 297
  • 360
  • RESTful web services make use of many of the verbs, so does a lot of server-side software. GET and POST are sufficient for many 'traditional' web pages though... – Michael May 03 '11 at 11:13
  • Actual, there are more than seven more verbs. See http://tools.ietf.org/html/draft-ietf-httpbis-method-registrations-05. – Julian Reschke May 03 '11 at 12:15
  • 1
    The article you mentioned focuses on REST in browsers - it's still alive and well for B2B / server to server usage. – Michael May 03 '11 at 13:07
  • 1
    @Mikaveli: To add to that, it's an old article. REST services have become a lot more popular in recent years. – Evert May 03 '11 at 13:43

3 Answers3

9

The HTML spec is a big culprit, only really allowing GET, POST and HEAD. They are getting used quite a bit though, but not as much directly in browsers.

The most common uses of the other crud-verbs such as PUT and DELETE are in REST services and WebDAV.

You'll see OPTIONS more in the future, as it's used by the CORS specification (cross domain xmlhttprequest).

TRACE is pretty much disabled everywhere, as it poses a pretty big security risk. CONNECT is definitely used quite a bit by proxies.

PATCH is brand new. While it's odd to me that they decided to add it to the list (but not PROPFIND, MKCOL, ACL, LOCK, and so on), I do think we'll see it appear more in the future in RESTful services.

Addendum: The original browser used both GET and PUT (the latter for updating web pages). Later browsers pretty much became read-only until forms and the POST request made their way into the specifications.

Evert
  • 93,428
  • 18
  • 118
  • 189
  • How does the HTML spec prevent PUT/DELETE/HEAD? – Joachim Sauer May 03 '11 at 11:23
  • In the context of HTML, there is no mention of methods other than GET and POST. It doesn't prevent the other methods perse, but it also doesn't provide the means to do the other requests. On top of that it's very recent that the XMLHTTPRequest object can execute methods other than GET/POST. – Evert May 03 '11 at 11:27
  • I think he's referring to the common HTML form methods. http://www.w3.org/TR/html401/interact/forms.html#adef-method – Michael May 03 '11 at 11:27
  • So while it does not prevent it, browsers (or html or javascript) have not provided the means to do other requests. method="PUT" or method="DELETE" would have been nice in html forms. – Evert May 03 '11 at 11:28
  • @Evert: sorry, I read "HTTP spec". Somehow I still managed to write "HTML" in my comment. Classical Think-o. – Joachim Sauer May 03 '11 at 11:29
  • @Evert: when you say "While it's odd to me that they decided to add it to the list (but not PROPFIND, MKCOL, ACL, LOCK, and so on), I do think we'll see it appear more in the future in RESTful services." -- what do you mean by that? PATCH has exactly the same status as (most of) the WebDAV methods -- Proposed Standard. – Julian Reschke May 03 '11 at 12:16
  • The wiki page was specifically about HTTP. So it was odd to me that they decided to include the PATCH extension in the article, while there are in fact, many others. (you being responsible for quite a few I'm sure). As for my second point, I think we'll see PATCH becoming more popular in public Web API's. I don't think this is the case for most of the WebDAV methods. – Evert May 03 '11 at 13:40
  • This is just speculation though. – Evert May 03 '11 at 13:40
  • Wow. This proved rather prophetic. Good job Evert! – OneHoopyFrood Jun 22 '22 at 15:26
1

Most of them are still used, though not as widely as GET or POST. For example RESTful web services use PUT & DELETE as well as GET & POST:

RESTful Web Service - Wiki Article

HEAD is very useful for server debugging of the HTTP headers, but as it doesn't return the response body, it's not much use to the browser / average web visitor...

Other verbs like TRACE aren't as widespread, because of potential security concerns etc. Mentioned briefly in the Wiki article:

HTTP Protocol Methods - Wiki Article

Michael
  • 7,348
  • 10
  • 49
  • 86
0

A decade later, these other verbs are used very commonly in RESTful APIs, which back nearly all of today's ubiquitous SPA applications and many mobile applications.

Though, interest in REST as an API structure is beginning to wane with the advent of GraphQL and growing interest in functional programming styles which benefit from RPC-style API structures.

OneHoopyFrood
  • 3,829
  • 3
  • 24
  • 39