Are the HTTP methods different in 1.1 and 1.0?

tags:

http
https

views:

answers:

Are the HTTP methods different in 1.1 and 1.0?

Greetings all,

I've been told by co-workers that the GET method is different in HTTP 1.0 and 1.1.

The way it was explained to me was that in HTTP 1.0 GET does not have a body, ergo you cannot add additional information in the body. All of the variables have to be specified in the URI as CGI type variables.

However, in HTTP 1.0 GET allows a body, so one could specify variables using XML (or whatever) in the body of the GET message.

Is this true? I've crawled the web looking for HTTP 1.0/1.1 documents, comparisons and otherwise, but I've never found the above statements? If it is true, can you point me to a reference so I can study up on it?

What about the other methods: PUT, POST and DELETE? Are the same or different between 1.0 and 1.1?

+2 A:

I don't think any method definitions changed.

Technically, you could have a request body for GET, but that doesn't mean it's a good idea, or that it'll work with all libraries/intermediaries/servers.

Julian Reschke 2010-10-08 22:33:37

I'm starting to think its not related to the version of HTTP.I took `HTTP` out of my google searches and started finding hits on HTML that explained that GETs encode the variables in the URI while PUT/POST have the variables in the body.

John Rocha 2010-10-08 22:57:46

John, that's an aspect of HTML forms, not of HTTP itself.

Julian Reschke 2010-10-09 08:48:50

Why not take a look at the HTTP RFCs? They're not all that hard to read, and they're the authority. You could even just look at the 1.1 RFC and see what changed.

http://www.ietf.org/rfc/rfc1945.txt

http://www.ietf.org/rfc/rfc2616.txt

atk 2010-10-08 22:58:03

I've already done that. The specs don't answer this question directly. For example, the section on message bodies says that they must not be included if the specification of the requested method does not allow sending an entire-body in requests. Then the section it references does not give that information.

John Rocha 2010-10-11 15:52:52

The closest I found was section 15.1.3 "Encoding Sensitive Information in URI's" which indicates "Authors of services which use the HTTP protocol SHOULD NOT use GET based forms for the submission of sensitive data, because this will cause this data to be encoded in the Request-URI." However, this is the only section that seems to indicate that a GET encodes its data in the URI. And yet, co-workers have since shown me APIs that use GET with parameters in the body.

John Rocha 2010-10-11 15:55:17

P.S. Thanks for the suggestion and links to the RFCs.

John Rocha 2010-10-11 15:58:22

The protocol doesn't prevent you from adding in a body (either HTTP 1.0 or 1.1). The real question is why? The semantics of GET are generally dead simple. If you're just looking at a comparison of 1.1 and 1.0, there are a few differences (like 1.0 not supporting chunked encoding), but unless you're going to support a very specific 1.0 client, why does it matter?

Kylar 2010-10-14 00:53:29

ansaurus

tags:

views:

answers:

Are the HTTP methods different in 1.1 and 1.0?

related questions