Should HTTP POST be discouraged?

Question

Quoting from the CouchDB documentation:

It is recommended that you avoid POST when possible, because proxies and other network intermediaries will occasionally resend POST requests, which can result in duplicate document creation.

To my understanding, this should not be happening on the protocol level (a confused user armed with a doubleclick is a completely different story). What is the best course of action, then?

Should we really try to avoid POST requests and replace them by PUT? I don't like that as they convey a different meaning.

Should we anticipate this and protect the requests by unique IDs where we want to avoid accidental duplication? I don't like that either: it complicates the code and prevents situations where multiple identical posts may be desired.

Answer 1

Should we really try to avoid POST requests and replace them by PUT? I don't like that as they convey a different meaning.

For document creation (as mentioned in the doc you cite), that is exactly the correct meaning. For document modification, occasional resent requests are not a problem.

Answer 2

I must have been extremely lucky in my WebMaster days to never have seen duplicate POST requests.

TCP/IP sends numbered messages, I wouldn't know why any webserver wouldn't discard of the duplicates.

Is this duplicate POST thing really an issue?

Answer 3

We should avoid POST requests when the request is idempotent and does change server state (it should not change the server state each time it is performed, in document creation this means the document should only be created once).

POST is suitable when the request is non-idempotent. This means that everytime the request is sent there is a change in server state. For an update or delete this should not matter.

Of course, due to web browser support only GET and POST requests have really been adopted because POST does all that PUT does (it's just not designed for idempotent requests).