为什么使用 HTTP PUT 和 DELETE 方法而不是 POST?
new_story GET /story/new(.:format) {:action=>"new", :controller=>"stories"}
edit_story GET /story/edit(.:format) {:action=>"edit", :controller=>"stories"}
story GET /story(.:format) {:action=>"show", :controller=>"stories"}
PUT /story(.:format) {:action=>"update", :controller=>"stories"}
DELETE /story(.:format) {:action=>"destroy", :controller=>"stories"}
POST /story(.:format) {:action=>"create", :controller=>"stories"}
在 Web 开发中,我使用过其他技术,我只使用过 GET
和 POST
方法,但在 Rails 中使用 RESTful
路由,默认情况下PUT
和 DELETE
方法用于 update
和 destroy
操作。 使用 PUT
和 DELETE
的优点或需求是什么? 我认为这些方法只是执行 POST
的另一种方式 - 但为什么不坚持使用 POST
呢?
new_story GET /story/new(.:format) {:action=>"new", :controller=>"stories"}
edit_story GET /story/edit(.:format) {:action=>"edit", :controller=>"stories"}
story GET /story(.:format) {:action=>"show", :controller=>"stories"}
PUT /story(.:format) {:action=>"update", :controller=>"stories"}
DELETE /story(.:format) {:action=>"destroy", :controller=>"stories"}
POST /story(.:format) {:action=>"create", :controller=>"stories"}
In web development I have done with other technologies, I only ever used GET
and POST
methods, but with RESTful
routes in Rails, by default the PUT
and DELETE
methods are used for the update
and destroy
actions. What's the advantage or need for using PUT
and DELETE
? I assume these methods are just another way of doing POST
- but why not just stick with POST
?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
优点主要是语义上的,并且还可以在一定程度上简化 URL。 不同的 HTTP 方法映射到不同的操作:
然后,理论上,您可以使用相同 URL,但使用不同的方法与之交互; 用于访问资源的方法定义了实际的操作类型。
但实际上,大多数浏览器仅支持 HTTP GET 和 POST。 Rails 在 HTML 表单中使用了一些“欺骗”,就像发送了 PUT 或 DELETE 请求一样,尽管 Rails 仍然对这些方法使用 GET 或 POST。 (这解释了为什么您可能没有在其他平台上使用过 DELETE 或 PUT。)
The advantage is mostly semantic, and can also simplify URLs to an extent. The different HTTP methods map to different actions:
Then, in theory, you can use the same URL, but interact with it using different methods; the method used to access the resource defines the actual type of operation.
In practice, though, most browsers only support HTTP GET and POST. Rails uses some "trickery" in HTML forms to act as though a PUT or DELETE request was sent, even though Rails is still using GET or POST for these methods. (This explains why you might not have used DELETE or PUT on other platforms.)
我只是想在已接受的答案中添加一些内容,因为他对 http 动词的定义不正确。 它们都有一个“应该”遵循的规范,您可以根据规范使用多个
http 动词
创建/更新/删除。我将重点介绍 W3 的 RFC 2616
我将从
PUT
开始,因为在我看来,它是最令人困惑的。PUT 用于创建/更新 PUT 更新,方法是用请求中发送的资源完全替换服务器上的资源
例如,
您对我的 api 进行此调用,
我的服务器在服务器上拥有此资源
现在,我现有的资源已完全被您发送过来的资源所取代,这就是我服务器上的资源。
因此,如果您
PUT
并且仅在正文中发送电子邮件,我的服务器将完全替换实体
,并且
名称将消失。 部分更新是针对
PATCH
的,但我还是使用POST
来进行更新。我们使用 put 创建/更新的主要原因之一是因为它是幂等的。
这只是一个奇特的术语,它的基本定义是多个相同的请求对于单个请求来说是相同的。
示例
假设我将一个文件
PUT
到api/file
,如果源服务器找不到该文件,它将创建一个文件。 如果它确实找到了一个文件,它将用我发送过来的文件完全替换旧文件。 这可以确保创建和更新一个文件。如果不存在文件并且您调用PUT
5 次,则第一次创建文件,然后另外 4 次将替换包含您发送过来的内容的文件。 如果您调用POST
5 次来创建,它将创建 5 个文件。您 PUT 到该确切的 URI。 如果不这样做,则必须向用户发送 301(永久移动)并允许,然后选择是否重定向请求。 大多数时候,您 PUT 到的服务器通常托管资源并负责更新它
这些是何时使用 PUT 的要点
就
POST
而言您还可以创建/更新,然后一些...
正如我上面提到的,有一些关键的区别。
POST
可以将资源附加到现有集合并决定其存储位置。现在
Delete
怎么样?为什么我不直接POST
呢?当您
DELETE
时,服务器不应该响应成功,除非您当时删除资源或将其移动到无法访问的位置响应已发送。为什么这很重要? 如果您调用
DELETE
但资源在删除之前必须经过“APPROVAL”怎么办? 如果删除可以被拒绝,您就无法发送成功的错误代码,并且如果您确实遵循了基本规范,那么调用者就会感到困惑。 这只是一个例子,我相信您还可以想到许多其他例子。我只是强调了有关何时使用常见
Http 动词
的一些要点I just wanted to add something to the accepted answer because his definition of the
http verbs
are incorrect. They all have a spec which "should" be followed and you can create/update/delete with multiplehttp verbs
based on the specs.I am going to highlight some of the important bits in the RFC 2616 by W3
I'm going to start with
PUT
because in my opinion it has the most confusion surrounding it.PUT is used for both create/update PUT updates by completely replacing the resource on the server with the resource sent in the request
For example
You make this call to my api
my Server has this resource living on the server
Now my existing resource is completely replaced by what you sent over and this is what I have on my server.
So if you
PUT
and only send an email in the bodyMy Server will completely replace the entity
With
And Name will be gone. Partial updates are for
PATCH
but I usePOST
for that anyway.One of the main reasons why we create/update with put is because it is idempotent.
It's just a fancy term and the basic definition of it is multiple identical requests are the same for a single request.
Example
Suppose I
PUT
a file toapi/file
if the origin server does not find that file it will create one. If it does find a file it will completely replace the old file with the one I sent over. This ensures that one file is ever created and updated. If no file exists and you callPUT
5 times, the first time it creates a file then the other 4 times it replaces the file with what you send over. If you call aPOST
5 times to create it will create 5 files.You PUT to that exact URI. If you don't you have to send a 301 (Moved Permanently) to the user and allow then make a choice whether or not to redirect the request. Most times the server you PUT to usually hosts the resource and takes care of updating it
Those are the major points in when to use PUT
As far as
POST
is concernedYou can also create/update and then some...
As I mentioned above there are a few key differences.
POST
can append a resource to an existing collection and decide where it's stored.Now what about
Delete
Why don't I justPOST
?When you
DELETE
, the server SHOULD NOT respond with success unless you delete the resource or move it to an inaccessible location at the time the response is sent.Why is that important? What if you call
DELETE
but the resource has to go through "APPROVAL" before being deleted? If the delete can be rejected you can't send a successful error code and if you do follow the basic specs on this it's confusing to the caller. Just an example I'm sure you can think of many others.I just highlighted some of the major points on when to use the common
Http verbs
这是 HTTP 1.1 规范的 “方法”部分; 它定义了很多方法,并且它们都有不同的优点和权衡。
POST
是最灵活的,但需要权衡很多:它不可缓存(因此互联网的其余部分无法帮助您扩展),它不安全或幂等,因此客户端无法只是重新发送它会出现错误,并且不再清楚您要完成的任务(因为它非常灵活)。 我确信还有其他的,但这应该足够了。 鉴于此,如果 HTTP 规范定义的方法完全符合您希望请求执行的操作,则没有理由发送POST
。POST
如此常见的原因是,至少从历史上看,网络浏览器仅支持GET
和POST
。 由于GET
被定义为安全且幂等的(即使许多应用程序不遵守这一点),因此修改数据的唯一安全方法是发送发布
。 随着 AJAX 和非浏览器客户端的兴起,情况已不再如此。顺便说一句,@mipadi 给出的映射是标准映射,但它不是唯一有效的映射。 例如,Amazon S3 使用
PUT
创建资源。 使用POST
的唯一原因是客户端没有足够的知识来创建资源,例如,您使用关系数据库支持资源并使用人工代理键。Here's the "methods" section of the HTTP 1.1 spec; it defines lots of methods, and they all have different benefits and tradeoffs.
POST
is the most flexible, but the tradeoffs are numerous: it's not cacheable (so the rest of the internet can't help you scale), it isn't safe or idempotent so the client can't just resend it gets an error, and it is no longer clear exactly what you're trying to accomplish (because it's so flexible). I'm sure there are others but that ought to be sufficient. Given all that, if the HTTP spec defines a method that does exactly what you want your request to do, there's no reason to send aPOST
instead.The reason
POST
is so common is that, historically at least, web browsers only supportedGET
andPOST
. SinceGET
is defined to be safe and idempotent (even though many applications don't adhere to that), the only safe way to modify data was to send aPOST
. With the rise of AJAX and non-browser clients, that is no longer true.BTW, the mapping @mipadi gave is the standard mapping, but it isn't the only valid one. Amazon S3, for instance, uses
PUT
to create resources. The only reason to usePOST
is if the client doesn't have sufficient knowledge to create the resource, e.g., you back your resources with a relational database and use artificial surrogate keys.这有点像问为什么要“删除”文件,而您可以将其内容设置为零字节,并且文件系统只会将其视为删除。 HTTP 永远支持除 GET/POST 之外的动词,但 SOAP 的演变方式有点扭曲了这些动词的原始含义。 REST 是一种更简单、回归基础的方法,它按预期使用动词,而不是在有效负载内发明一些新的动词概念。
That'd be kind of like asking why "delete" a file when you could just set its contents to zero bytes and the file system would just treat that as a delete. HTTP has supported verbs other than GET/POST forever but the way SOAP evolved kinda twisted the original meaning of those verbs. REST is a simpler, back to basics approach that uses the verbs as they were intended instead of inventing some new verb concept inside of the payload.