HTTP Methods
HTTP methods (also called HTTP verbs) define the action a client requests on a server-side resource. Nine standard methods exist and newer specifications add additional methods, covering retrieval, modification, deletion, and metadata operations. Each method has properties (safe, idempotent, or cacheable) affecting how clients, servers, and intermediaries handle the request.
Methods
| Method | Safe | Idempotent | Cacheable |
|---|---|---|---|
| GET | X | X | Yes |
| HEAD | X | X | Yes |
| OPTIONS | X | X | No |
| TRACE | X | X | No |
| DELETE | X | No; invalidates cache | |
| PUT | X | No; invalidates cache | |
| POST | Sometimes | ||
| PATCH | Sometimes | ||
| CONNECT | No | ||
| PRI | No | ||
| QUERY* | X | X | Yes |
* QUERY is a proposed method defined in an IETF draft (draft-ietf-httpbis-safe-method-w-body) and is not yet a published standard.
General-purpose servers are required to support GET and HEAD. All other methods are optional.
GET
The GET method retrieves the current representation of a resource. This is the primary retrieval mechanism and the most common HTTP method.
HEAD
The HEAD method is identical to GET except the server returns only the status line and Headers, with no message body. Useful for checking resource existence or metadata without transferring the full content.
OPTIONS
The OPTIONS method queries the communication options available for a resource or the server. The response includes an Allow header listing supported methods.
TRACE
The TRACE method performs a loop-back test along the path to a resource. The server echoes the received request back to the client, useful for diagnosing intermediary modifications.
DELETE
The DELETE method removes the target resource and all of its representations from the server.
PUT
The PUT method replaces the target resource with the request content. When no resource exists at the target URL, PUT creates one.
POST
The POST method submits data to a resource for processing. The server determines the action: creating a new resource, updating an existing one, or triggering a side effect.
PATCH
The PATCH method applies partial modifications to a resource. Unlike PUT, which replaces the entire resource, PATCH changes only the specified fields.
CONNECT
The CONNECT method establishes a tunnel to the origin server identified by the request target. Commonly used for HTTPS connections through an HTTP proxy.
QUERY
The QUERY method sends a safe, idempotent query in the request body. QUERY combines the safety of GET with the ability to include a request body, suitable for complex queries exceeding practical URI length limits. QUERY is defined in an IETF draft (draft-ietf-httpbis-safe-method-w-body) and is not yet a published RFC.
PRI
The PRI method is the HTTP/2 connection preface method, sent as the first bytes of every HTTP/2 connection to signal protocol upgrade. PRI is not intended for use by clients or servers as a regular HTTP method.
Method properties
Safe
A safe method does not modify server state. The operation is read-only from the server's perspective. Side effects like logging or incrementing a counter do not change the safety classification, as the client did not request those effects.
Safe methods: GET, HEAD, OPTIONS, and TRACE.
Idempotent
An idempotent method produces the same server state whether called once or multiple times. After the first request completes, repeating the same request has no additional effect.
All safe methods are idempotent. DELETE and PUT are also idempotent but not safe because they intentionally change server state.
Initial request
DELETE /documents/old-news HTTP/1.1
Host: www.example.re
Response
HTTP/1.1 200 OK
Repeated request
DELETE /documents/old-news HTTP/1.1
Host: www.example.re
Response
HTTP/1.1 404 Not Found
The response differs because the resource was already removed. The server state after both requests is identical: the resource is gone. This makes DELETE idempotent.
Cacheable
A cacheable method produces a response eligible for storage and reuse by caches. Cached responses avoid repeated transfers of identical data from the server.
GET and HEAD responses are cacheable by default. POST and PATCH responses are cacheable when the response includes explicit Cache-Control directives and freshness information.
Unsafe methods like PUT and DELETE invalidate cached entries for the target resource. A locally cached GET response becomes stale after a PUT to the same URL.
Takeaway
HTTP methods define the operations available on server resources. Each method carries safety, idempotency, and cacheability properties determining how clients, caches, and intermediaries handle the request and response.
