Is there any reason not to use HTTP PUT and DELETE in a web application?

Question

Looking around, I can\'t name a single web application (not web service) that uses anything besides GET and POST requests. Is there a specific reason for this? Do some browsers

Answer 1

Some proxy servers with tough security policies might drop them. I'm using PUT and DELETE anyways.

Answer 2

Personally, I really don't see any purpose for using PUT or DELETE in a web application. All operations that an application performs are read or write, aka input output. Why do you need to distinguish the nature of the operation in the header of the HTTP request? I could make ajax calls with the same url of form /object/object_id and do multiple operations like delete, update, get the value, or create. Just by looking at the URL, I have no clue which one it is. By using GET and POST only, my urls will be:

/object/id/delete

/object/id/create

/object/id/update

/object/id --> implied GET

etc.

Based on my limited experience, this is a lot cleaner than hidden header request types in many cases. I am not saying one should never use PUT or DELETE, just saying, use them only if absolutely needed.

Refer to "RESTful Web API" by Leonard Richardson to read more about different use cases and conventions regarding HTTP request methods in a RESTful web api.

Answer 3

Quite simply, the HTML 4.01 form element only allows the values "POST" and "GET" in its method attribute

Answer 4

I've read that some browsers do not support other HTTP methods properly, though I can't name any specifics.

Rails, in particular, will pack your forms with a method parameter to explicitly set this even if the browser doesn't support those methods. That seems like a reasonable precaution if you're going to do this.

Answer 5

This depends on your browser and Ajax library. For example jQuery supports all HTTP methods even though the browser may not. See for example the jQuery "ajax" documentation on the "type" attribute.

The Restlet Java framework lets you tunnel PUT and DELETE requests through HTML POST operations. To do this, you just add method=put or method=delete to your URI's query string, eg:

http://www.example.com/user=xyz?method=delete ...

This is the same as Ruby on Rails' approach (as described by @ars above).

Answer 6

I say use all the features of HTTP, browsers be damned, lol. Maybe it'll inspire more complete and proper use of the HTTP protocol moving forward. There's more happening on the net than just POSTs and GETs. About time browser implementations reflected this.