HTTPQUERY
中文

HTTP Methods

Covers the common methods plus the newly published QUERY method. Badges mark whether each method is safe / idempotent / cacheable / allows a body.

QUERYNEW

A safe query method that carries a request body — a “GET with a body”.

safe ✓idempotent ✓cacheable ✓body ✓

QUERY (IETF draft draft-ietf-httpbis-safe-method-w-body) is a newly introduced method: safe, idempotent, and allowed to carry a request body. It solves GET’s inability to safely carry a body and the need to cram complex queries into bloated URLs, while avoiding the “unsafe / non-cacheable” semantic mismatch of using POST for queries. Responses are cacheable; the server should indicate the queried resource’s location via Content-Location as the cache key. Ideal for complex search, GraphQL-style queries, and retrievals with many filters.

GET

Retrieve a resource; should have no side effects.

safe ✓idempotent ✓cacheable ✓body ✗

The most common method, used to read resources. Safe (no server state change), idempotent, cacheable. A request body has no defined semantics in GET and should be avoided.

POST

Submit data, often creating a resource or triggering processing.

safe ✗idempotent ✗cacheable ✗body ✓

Submits data to the server. Neither safe nor idempotent — repeating it may create multiple resources. Often misused for queries (since it can carry a body), but its semantics don’t fit querying — exactly one case QUERY aims to replace.

PUT

Replace the target resource in full.

safe ✗idempotent ✓cacheable ✗body ✓

Replaces the target resource with a complete representation. Idempotent — repeating the same PUT yields the same result. Usually creates the resource if it doesn’t exist.

PATCH

Apply a partial modification to a resource.

safe ✗idempotent ✗cacheable ✗body ✓

Applies a partial update (e.g. JSON Patch / JSON Merge Patch). Not guaranteed idempotent by default; depends on the patch document’s semantics.

DELETE

Delete the target resource.

safe ✗idempotent ✓cacheable ✗body ✗

Deletes the specified resource. Idempotent — deleting an already-deleted resource yields a consistent result (typically 404/204).

HEAD

Like GET but returns only headers, no body.

safe ✓idempotent ✓cacheable ✓body ✗

Used to fetch metadata (e.g. Content-Length, Last-Modified) without downloading the body. Safe, idempotent, cacheable.

OPTIONS

Query the communication options supported for the target resource.

safe ✓idempotent ✓cacheable ✗body ✗

Returns information such as the methods the server supports for the target resource; commonly seen in CORS preflight requests.

TRACE

HTTP TRACE performs a loopback diagnostic test along the request path. Reveals proxy modifications, security risks, and why servers disable TRACE in production.

safe ✓idempotent ✓cacheable ✗body ✗

Diagnosing how intermediaries modify requests along the path to a server is the purpose of the HTTP TRACE method. The final recipient reflects the received request back as the response body, revealing changes made by proxies and gateways.

CONNECT

HTTP CONNECT establishes a TCP tunnel through a proxy for HTTPS and other protocols. Tunneling flow, proxy behavior, and security considerations.

safe ✗idempotent ✗cacheable ✗body ✗

When a client behind a proxy needs a direct TCP channel to a remote host, it uses the HTTP CONNECT method to establish a tunnel through the intermediary.