Understanding the new HTTP QUERY method (RFC 10008): History, benefits, and drawbacks
By
Manuel
Summary
This blog post explores the newly published RFC 10008, which defines the HTTP QUERY method. It explains the technical background of HTTP methods, why a dedicated QUERY method is needed beyond existing methods like GET and POST, and discusses the history, advantages, and disadvantages of this new approach for RESTful APIs and web development.
Source
Key quotes
· 4 pulledIn the world of RESTful APIs, we have long lived by a strict set of (self-imposed) rules.
Whether you are fetching data with GET, creating an entity with POST, or updating a resource with PUT, the HTTP method tells the server what your intention is.
Quite recently, RFC 10008 got published, which defines the new QUERY method for HTTP.
From a purely technical point of view, the HTTP method is just a string.
You might also wanna read
RFC 10008: Defining the HTTP QUERY Method for Safe, Idempotent Requests
This specification defines the HTTP QUERY method, a new HTTP request method that allows safe and idempotent queries. Unlike POST requests, Q
RFC 10008: Defining the HTTP QUERY Method for Safe, Idempotent Requests
This specification defines the HTTP QUERY method, a new HTTP request method that allows safe and idempotent queries. Unlike POST requests, Q
RFC 9458: Oblivious HTTP — A Protocol for Privacy-Preserving HTTP Message Forwarding
This document (RFC 9458) defines Oblivious HTTP, a protocol standardized by the IETF for forwarding encrypted HTTP messages. It enables clie
datatracker.ietf.org·27d agoA Comprehensive Guide to HTTP Strict Transport Security (HSTS): Implementation, Preloading, and Best Practices
This article provides a comprehensive, hands-on guide to HTTP Strict Transport Security (HSTS), explaining how it prevents downgrade attacks
undercodetesting.com·1d ago
Understanding XPath and Older Web Technologies in Modern Development
The article discusses older web technologies like XPath that many modern developers may not be familiar with due to working primarily within
HTTP Header Injection Meets Response Queue Poisoning: A Critical Attack Vector
This article details how HTTP header injection, traditionally considered a moderate-severity vulnerability, can be escalated into a critical
undercodetesting.com·10d agoNavigating API Design Challenges in the MCP and AI Client Era
The article discusses the author's deep dive into MCP (Model Context Protocol) API design while refining the APIs.io MCP server. It explores

Comments
Sign in to join the conversation.
No comments yet. Be the first.