[jdev] XMPP URI & GET/POST Semantics
Waqas Hussain
waqas20 at gmail.com
Wed Oct 6 06:58:50 CST 2010
On Wed, Oct 6, 2010 at 3:02 AM, Alex Milowski <alex at milowski.org> wrote:
> I've been looking at XMPP uri processing and the different
> query types [1] and I'm curious if anyone has defined more GET/POST/etc.
> semantics for thees URI values?
>
POST all the way.
There is no direct mapping between HTTP methods and XMPP URI query
types. Almost none of the query types are 'safe' (the way some HTTP
methods are safe [1]).
The exceptions I suppose are the query types which result in a single
IQ 'get' or 'set'. These can be mapped to HTTP GET and PUT (or POST).
I might still use POST for everything, because XMPP doesn't explicitly
define these as safe, the way HTTP does. And it would be consistent :)
> I've been integrating XMPP URI support into Restlet [2] and I'm
> struggling with the right processing model. As Restlet has a
> uniform processing model, the method is less of a
> constraint.
>
> For example, I could "POST" or "GET" on:
>
> xmpp:alex at milowski.com/desktop?message;body=hello+world
>
> without an entity body and have the semantics be the
> same (i.e. send a message). Neither would return an
> entity body because of the asynchronous nature of XMPP. As
> "POST" is more usually associated with "sending data", it
> seems like that is more appropriate.
>
The is clearly a POST. GET should only be used if the operation
doesn't have side effects, and is safe, which this is not.
> I have enabled both but I'm curious as to the intended use.
>
I haven't looked at Restlet, and am not sure what enabling both means
for this particular application. However GET is only for safe
operations. Clients and robots are allowed to use it in an automated
fashion. Allowing unsafe/destructive operations with HTTP GET is a
very bad idea, e.g., see [2].
> [1] http://xmpp.org/registrar/querytypes.html
> [2] http://www.restlet.org
>
> --
> --Alex Milowski
[1] http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol#Safe_methods
[2] http://thedailywtf.com/Articles/The_Spider_of_Doom.aspx
--
Waqas Hussain
More information about the JDev
mailing list