POST operation vs DELETE operation
Hello guys, sorry to disturb you all; I was just experimenting some CRUD operations in mongoDB and I needed to remove a particular thing from the database. What I did is that I send a POST request having in my req.body whatever thing I need to remove.
The confusion that arise is that, notice that I want to DELETE something but I use a POST request; it works fine, the thing is we can use both POST or DELETE, what is the difference then please
23 Replies
delete is more correct
technically speaking
yeah, logically we should use it but is there a reason for that?
In my mind I interpret it like that "submit something then remove it" at first I didn't think of the DELETE method
i have no idea why it was created
yeah, I will need to read a bit about that but it's better practice to use delete Ig
the most important part is to not use a GET for any action that modifies the database (beyond like... viewcounts or whatever), and especially not for actions that can cause data loss or cost money.
Browsers will warn a user that actions might be duplicated if they try to refresh the result of a POST or DELETE, but not for a GET.
Other than that, yes, in an ideal world you'd use POST, PUT, and DELETE for Create, Update, and Delete. Part of the real-world reason is that you can often filter the same URL based on the method.
You'd have a POST to /widget to create a new one, then a GET to /widget/7892 to show that widget to your end user, a PUT to that same URL to submit a change, and a DELETE to that same URL to remove it. It can simplify your routing
as for the original reasons, that hardly ever matters beyond trivia and general interest, especially for ancient protocols like HTTP
hmmm what do you mean by "Browsers will warn a user that actions might be duplicated if they try to refresh the result of a POST or DELETE, but not for a GET." please
when you submit a form with post, then refresh the page, the browser shows that warning
ahh I see, yep thanks !
Isn’t the difference between DELETE http method and POST that DELETE is idempotent while POST is not.
Meaning running same DELETE requests result in same results, while POST might not because it can have side effects.
A post might be: Delete this and notify its user for its deletion, so you have creation of notification as side effect, running that request multiple times will result in creation of multiple notifications.
yeah, that too. There's a whole table on the MDN article
that side effect might actually be very important
imagine the ui bugs out because you are in an elevator, but you sent the request and the server processed it and you never got the response
a new delete will say that the file no longer exists
this can be used to update the ui in a different way
for example, a list may be refreshed to make sure the data is all updated
while with a delete, you always get just a confirmation and no indication of an error
this can lead to an ui de-sync with what you expect from the server
hmm
what is the meaning of "idempotent" ? Like its value doesn't change something like that? I hear and read that somewhere but I don't remember
if you do the same request 300 times, you always get the same response with the same side effects
how does delete differs?
delete says "delete file x"
if you send the same delete again, file x is gone but that's still a success
say when we successfully delete something we have a notification like a json response being sent back, with post every time we would have the json response ? while with delete only once ?
an HTTP DELETE should produce a success or failure response, and success basically says "You have the right access rights to delete something, and also it does not exist after the request was received". Failure says "You are not allowed to delete this or there was an issue"
hmmm what do you mean "it doesn't exist after the request as received please", how would it differs from post ?
A POST doesn't always have to produce the same result. Say I send a POST that adds a comment to a blog, sending that POST again will add a second, identical comment.
A DELETE should always produce the same result: A page without the comment you clicked delete on. Whether you send that DELETE again or not, the comment should still not be there after the request
that's also why a PUT (replace all values of an entity with new ones) is idempotent, but a PATCH (increment the rating, for example) isn't
Don't take this all too seriously btw, it's very often sinned against in practice. Lots of places will say "Yes, I deleted" for the first DELETE call and "Hey, I can't find this thing" for the second one
yep I see, I have a clearer idea of what it is now, thanks ! Apart from "good practice" it isn't that important ?
it depends on your needs