I learned the term "RESTful" as a Rails developer. After reading wikipedia, also here and here.
I don't get it. It seems to me, Rails is only using a concise way to describe URLs. It seems to me every URI is RESTful, in it's designed scope.
For example, I think GET /delete?student_id=3
is RESTful in the scope the the application itself.
Can anybody tell me which constrict does it violate? Please refer the constrict from the REST definition.
A GET
request should be idempotent and the request should not leave any side-effects on the server. Quoting from the HTTP spec sec 9.1.1:
In particular, the convention has been established that the GET
and HEAD
methods SHOULD NOT have the significance of taking an action other than retrieval. These methods ought to be considered "safe". This allows user agents to represent other methods, such as POST
, PUT
and DELETE
, in a special way, so that the user is made aware of the fact that a possibly unsafe action is being requested.
Therefore GET /delete?student_id=3
already violates the idempotency assumption of the GET
verb, since it will delete a record on the server.
A RESTful interface is a uniform interface, which in other words means that a GET
is supposed to behave as required by the HTTP spec. And this is what the spec says:
The GET
method means retrieve whatever information (in the form of an
entity) is identified by the Request-URI. If the Request-URI refers
to a data-producing process, it is the produced data which shall be
returned as the entity in the response and not the source text of the
process, unless that text happens to be the output of the process.
...
It seems to me, Rails is only using a
concise way to describe URLs. It seems
to me every URI is RESTful, in it's
designed scope.
URIs are neither RESTful or non-RESTful. REST is an architectural style for which you need to consider the overall application.
GET
is the method for the retrieval request. If you want to put this in the context of the REST dissertation, if your GET
request has side-effects, it will then break a few other constraints, for example regarding the cache.
You could also potentially design a RESTful system where a GET /delete?student_id=3
request gives you a representation telling you (or asking you to confirm) that you want to delete that student, so long as it doesn't actually perform the delete operation.
A GET should be safe to be RESTful, but obviously combined with a delete it is unsafe.
So it looks RESTful but doesn't act RESTful. So it fails the duck test.
See Section 5.1.5. Your example violates the uniform interface constraint. It does this by violating the HTTP spec.