HTTP Methods

Request methods like GET, POST, PUT, PATCH, DELETE — their safety, idempotency, cacheability, and real usage.

GETSafeIdempotent

GET is the most fundamental HTTP method, used to retrieve a resource from the server. It only reads data without changing server state, so it is safe, and repeating the same request yields the same result, so it is idempotent.

POST

POST submits data to the server to create a new resource or trigger processing. It changes server state so it is not safe, and sending it twice may create two resources so it is not idempotent.

PUTIdempotent

PUT replaces the entire resource at the target URL (or creates it if absent). Repeating the same request leaves the same final state, so it is idempotent.

PATCH

PATCH applies a partial update to a resource. Only the sent fields change and the rest stay intact, in contrast to PUT which replaces the whole thing.

DELETEIdempotent

DELETE removes the target resource. Deleting an already-deleted resource leaves the same 'gone' final state, so it is idempotent.

HEADSafeIdempotent

HEAD behaves exactly like GET but returns only headers, without a body. It is handy for checking a file's size, type, modification time, or existence without actually downloading it.

OPTIONSSafeIdempotent

OPTIONS asks which methods and capabilities the target resource supports. In practice the most common use is the CORS preflight the browser sends before a cross-origin request.

TRACESafeIdempotent

TRACE is a diagnostic method that echoes back how a request is transformed as it passes through proxies and gateways. The server returns the received request in the body (an echo).

CONNECT

CONNECT asks a proxy to open a two-way tunnel to the target server. It is used to pass HTTPS traffic through a forward proxy.