Ad

Downsides Of An API Which Neglects Http Method And Path

- 1 answer

I'm wondering what the downsides would be for a production server whose api is totally ignorant of the HTTP request path. For example, an api which is fully determined by query parameters, or even fully determined by the http body.

let server = require('http').createServer(async (req, res) => {

  let { headers, method, path, query, body } = await parseRequest(res);

  // `headers` is an Object representing headers
  // `method` is 'get', 'post', etc.
  // `path` could look like /api/v2/people
  // `query` could look like { filter: 'age>17&age<35', page: 7 }
  // `body` could be some (potentially large) http body

  // MOST apis would use all these values to determine a response...
  // let response = determineResponse(headers, method, path, query, body);

  // But THIS api completely ignores everything except for `query` and `body`
  let response = determineResponse(query, body);

  doSendResponse(res, response); // Sets response headers, etc, sends response

});

The above server's API is quite strange. It will completely ignore the path, method, headers, and body. While most APIs primarily consider method and path, and look like this...

method  path                   description

GET     /api                   - Metadata about api
GET     /api/v1                - Old version of api
GET     /api/v2                - Current api
GET     /api/v2/people         - Make "people" db queries
POST    /api/v2/people         - Insert a new person into db
GET     /api/v2/vehicles       - Make "vehicle" db queries
POST    /api/v2/vehicles       - Insert a new vehicle into db
.
.
.

This API only considers url query, and looks very different:

url query                                 description

<empty>                                   - Metadata about api
apiVersion=1                              - Old version of api
apiVersion=2                              - Current api
apiVersion=2&table=people&action=query    - Make "people" db queries
apiVersion=2&table=people&action=insert   - Add new people to db
.
.
.

Implementing this kind of api, and ensuring clients use the correct api schema is not necessarily an issue. I am instead wondering about what other issues could arise for my app, due to writing an api with this kind of schema.

  • Would this be detrimental for SEO?
  • Would this be detrimental to performance? (caching?)
  • Are there additional issues that occur when an api is ignorant of method and url path?
Ad

Answer

That's indeed very unusual but it's basically how a RPC web api would work.

There would not be any SEO issue as far as I know. Performance/caching should be the same, as the full "path" is composed of the same parameters in the end.

It however would be complicated to use with anything that doesn't expect it (express router, fancy http clients, etc.).

The only fundamental difference I see is how browsers treat POST requests as special (e.g. won't ever be created just with a link), and your API would expose deletion/creation of data just with a link. That's more or less dangerous depending on your scenario.

My advice would be: don't do that, stick to standards unless you have a very good reason not to.

Ad
source: stackoverflow.com
Ad