Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Expanded HTTP Method Support (heroku.com)
55 points by craigkerstiens on April 22, 2013 | hide | past | favorite | 20 comments


Now, if web browser would support custom HTTP verbs, you could map application actions to http verbs and start removing the years of work-arounds that used GET and POST to tunnel what you really wanted.


I think that if this was done, there'd be a surge of blog posts not long after telling people to just use the original verbs, because everything about them - caching, idempotence, safeness, etc. - is a known quantity and doesn't change based on different interpretations of the same verb. Not to mention ridiculously confusing APIs.

    TWEET /
    GOOGLE /internet/?query=...
    LIKE /friend/jimmy
    GETPUTPOSTDELETE /i-am-too-lazy-to-use-separate-verbs


POST https://api.twitter.com/1.1/statuses/retweet/:id.json

POST https://www.googleapis.com/youtube/v3/videos/rate?id=1234...

APIs are already confusing for anything beyond CRUD operations.


That has all the disadvantages of using POST for everything, with the added disadvantage of requiring developers to read more documentation. Are there any advantages?


Nobody uses POSTs for everything. Right now we have an excellent GET/POST split.


Correct me if I am wrong, but it seems that there are a gazillion of enterprise firewalls, gateways etc that will only let GET/POST thru.


Only if you let them see your traffic. What's the problem with going SSL-only? Are there really firewalls/gateways that don't let HTTPS traffic through?


Many enterprise proxies provide certificates for the clients machines so they can process HTTPS as well.


s/process/MITM/


Bluecoat is an example of a very common transparent proxy that handles SSL traffic.


I'm seeing a 500. Maybe they forgot GET? :)


Someday I will understand how corporate blogs break so often. [1]

[1] Has written multiple CMSs that get used on mid-to-high traffic properties.


Wordpress ?


It's their new routing protocol. You get sent to the most overloaded server in the load balancer.

Edit: Sarcasm. I really do like Heroku. :)


Yeah, ran into a weird issue with our blog. Should be fixed now.


There is hope for WebDAV SEARCH, the semantic idempotent alternative to POSTing complex queries which don't fit into GET query params.


As far as I know, Heroku was using Amazon ELBs.

Given that ELB does not support arbitrary methods, does this mean they've stopped using it?


Heroku only uses ELB for custom domain SSL termination. Their HTTP router is custom. At one point it was written in Erlang, I'm not sure if that's still the case.


Something tells me they are running their own LBs now.


No. Still ELBs. Amazon changed the ELB software silently sometime last week. Our ELBs all started accepting arbitrary methods.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: