Whenever I have to create a RESTful web service and the use case implies on getting data based on a set of search criteria, I always opted for a POST request with the parameters in the body instead of a GET request for all the obvious reasons. I've seen it a dozen of times so I figured is was best practice.
Most recently I stumbled upon this interesting blog article by Evert Pot where he comments on the downsides of the POST verb and simply notes on using the REPORT verb instead. He also states that "its semantics are well defined and it works everywhere". After reading the post I've been trying to find some more information on this REPORT verb but not much can be found. I know it was part of RFC-3253 as a way to obtain information about a resource but other than that I am clueless.
My question are the following:
- Is REPORT really a better alternative than POST in the case of requesting a resource based on a set of search criteria?
- Is it wise to start using it or is it too risky? I'm seeing lots of
HTTP Method REPORT not supported
issues from various tools and frameworks. - Why does it seem like it is neglected over the years and why do we know so little about it?
- What could other valid use-cases be for using this verb?
Thank you in advance.
The REPORT method is defined in the webdav scope, including the
Depth
header field, and theDAV:version-tree
report request.Using it outside webdav you may incur in some unspecified behavior.
This is semantically different from a POST request, where you usually transfer the expected representation you want to convey to the server.
Consider that in the HTTP method registry REPORT is marked as "safe" and "idempotent", while that's not the case for POST
Those are tied to webdav. To foster REPORT usage we should extend its definition and disentangle it from webdav.