I wonder if HTML forms will add support for QUERY:
<form action="..." method="query">
Supporting more than GET/POST in HTML forms has been my dream for decades. There's a WHATWG proposal to do just that if you want to add your voice: https://github.com/whatwg/html/pull/11347
What’s the use case for that?
This is better solved with the post redirect get pattern.
The redirect pattern makes sense for a POST request that creates a resource, where you can then redirect to the newly created resource.
QUERY on the other hand makes sense for cases where the request doesn't cause any state changes on the server, and there is no resource to redirect to.
That is the good old fashion workaround. But why is it better than a form causing an HTTP QUERY.
If we can do QUERY forms, it would be an ideal time to add JSON encoding for forms.
One oddity of forms: the result of a form POST is a page that has a location (the URL) but that cannot loaded via that location. As far as I know, the fact that the page is a POST and not a GET is not stored anywhere visible to the user or to JS. And refresh works oddly.
If method=QUERY were added, there would be a new variety of this weirdness.
At least browsers wouldn't have to warn users that they'd be resubmitting data if they reload the page after submitting a query form, since query requests are intended to be idempotent
You still get the nastiness that the Sec-Fetch-* state gets mostly trashed when you hit refresh. And someone would need to figure out how CORS preflight interacts with refresh, which is not currently an issue with POST. (The current "simple request" behavior or whatever it's called is a real mess and is the cause of a lot of CSRF vulnerabilities.)
They never added support for any other verbs, but it's a brave new world, so who knows
See https://github.com/whatwg/html/issues/12594.
Forms, HTTP implementations, public API surfaces, and all for what exactly. Introducing a new verb for this feels profoundly misplaced
Idempotency is an important attribute for correctness. Yep, you can document that POSTing to $ENDPOINT is idempotent, but you can't communicate that to caching layers throughout the network. QUERY, by definition, is idempotent and cacheable.
Great point. I wish more people realized that intuitively.
Does anyone know if this approach works at significantly larger scales? Curious about where it breaks down.
Larger scales like what? I expect that everywhere you currently cache GETs you can cache QUERYs. But does caching GETs work at scale?
At least support - or lack thereof - for a new verb is unambiguous (compared to changing the semantics of GET)
Depends whether your form submission should expect side effects or not. Most forms submissions have side effects. If the effect is truly idempotent, wouldn't PUT be a better verb? That is also supposed to be idempotent.
You can’t use PUT as a form action though.
GET and QUERY are both idempotent.
Hold my beer!
Now HN’s UX can finally be decent.
The team will have to wait for a new header and textarea specs to fix the rest of the jank.
This site is so awful lol. Why don’t they update it?
Where does HN use POST for safe operations? I can't think of any.
Comment submission isn't safe, so QUERY can't be used there. And it doesn't suffer from the problem anyways, since HN returns a 3XX on successful submission, so refreshing doesn't show a warning.