1

So, basically the 255-char limitation of URLs is too short for me, and I don't want to rely on ignoring it.

My request will not change anything on the HTTP server end. I need to send some data with request, that is slightly larger than 1024 characters in size and is NOT of secure/secret character. The server will use the data for verification against a database and return a result of this verification, but nothing is changed. The request is thus said to be idempotent. In pseudecode, client calls RPC:

int verify_data(char[>1024] data)

Can I use POST or will this violate principles of REST and other good HTTP client/server design? I obviously cannot use GET?

Armen Michaeli
  • 8,625
  • 8
  • 58
  • 95
  • 255-char limitation? Where did you see this? Do you have any documentation for this limitation? http://www.boutell.com/newfaq/misc/urllength.html says otherwise. – S.Lott Jul 12 '10 at 20:50
  • Just rumours :-) Picked it up over the years, but never confirmed. Just did a GET request to my local server with telnet with a query string over 2000 characters long and it worked. But Google is full of results where people complain their URIs get truncated. If we assume truncation, is there anything but GET one can use, as per my original question? Thanks. – Armen Michaeli Jul 12 '10 at 21:01
  • Why "assume truncation" when you have no actual evidence? I don't understand. – S.Lott Jul 13 '10 at 02:40
  • Oh, there is evidence: http://support.microsoft.com/kb/q208427/ – Armen Michaeli Jul 13 '10 at 10:12

2 Answers2

1

I have a similar trouble

May be using PUT is a better alternative. I mean, according to REST principles PUT should also be an idempotent operation (so that servers might cache it) and you don't have the limitation size of GET

opensas
  • 60,462
  • 79
  • 252
  • 386
0

What is the maximum length of a URL in different browsers?

Do you control the server and the client? If you know that both will handle the length, then I would go ahead and run with it.

Community
  • 1
  • 1
Jason
  • 86,222
  • 15
  • 131
  • 146
  • I don't exactly control the server, but will do some checking. A bit of the problem is that I also cannot vouch for exact size of the data to be sent with the request. There has to be a way that does not involve checking whether what will handle what? I mean we are talking HTTP here, which is almost overspecified? – Armen Michaeli Jul 12 '10 at 21:33
  • I also read the content linked, and the research concludes that one should not send over 2000 characters. I will DEFINITELY be sending more than that. I don't think GET is what I need. I am indeed "getting" a result, but I am wondering if HTTP has something else for my purposes? As last resort I will have to do an idempotent POST (which is not POST at all per se) – Armen Michaeli Jul 12 '10 at 21:36
  • You're over-thinking this. If GET won't handle what you need to do, then do a POST. I don't think you're going to find any other answer. – Jason Jul 13 '10 at 01:18
  • Well, your comment is the answer I was looking for in a way. I thought I missed something, but turns out I didn't - there is the GET and its practical limit (I posted a comment with link above) and then there is POST, which is supposed to do something else. HTTP is a bit too rigid it appears, if I had a raw TCP/IP socket client-server, I wouldn't need to think what is idempotency in the first place, I could just pipe data out from client and parse the response. – Armen Michaeli Jul 13 '10 at 10:14