This particular sentence says it all: "the message content should be independent of the transmission channel." That's the RPC dream: no matter what the pipe is, I'm sending you stuff to do. The problem, of course, is that in practice the transmission channel is never neutral: for example, HTTP and RMI are very different beasts, and in practice applications built on top of either one will end up relying on this or that assumption about the protocol, no matter how hard you try to standardize them. Same for any transmission protocol out there, really. You just have to decide when to stop trying to abstract everything away and do your work, because each additional abstraction is inevitably leaky. In this sense, REST basically tells you to stop right there and get to work. REST is not a "transmission channel", it's an application design philosophy for applications built on HTTP. End of.
Pretty much all his other objections can be fixed by using proper response codes and intelligent payloads that do not include verbs. The only verbs you need are in HTTP already - GET, POST and DELETE will cover 99% of your requirements. They make your API substantially predictable and robust. The minute you start putting verbs in payloads, you're doing RPC and you might as well use CORBA. If this is what you want, go ahead and do it, but don't say it's REST's fault if you don't understand what REST is.
Hardly. There's no search in these. You end up putting your query either to URL, which is hideous, or to request body, which is awful.
The only HTTP verb that can sensibly carry anything beside "create", "destroy", and "retrieve" commands is POST. This equals to operation "manipulate". And guess what? Plenty of remote interfaces use at the same time many operations that can be called "manipulate". Sticking to merely HTTP verbs is way, way too constraining.
We'll just have to disagree there.
In any case, if you find REST restrictive, fine, go ahead and do your RPC. Just don't try to tell me that it's anything other than RPC, with all the problems and warts we all know.
The value in REST is exactly that it forces you to simplify your interface down to basic verbs that everyone can understand and work with; if you can't do that, if additional complexity is unavoidable, then REST is not for you and you should be aware that your application is now officially complex, maybe too complex to be a public API.
From that point of view, something like SOAP is a perfectly respectable protocol and you should use that instead.
>The only HTTP verb that can sensibly carry anything beside "create", "destroy", and "retrieve" commands is POST.
So what you are saying is that a search or query is fundamentally different from the idea of "retrieve" provided by the GET verb?
To really do things for arbitrary apps without getting ugly and abusing the intended semantics, you really need at least GET, QUERY (safe, retrieves a resource specified by the combination of the URI and the request body rather than just the URI like GET), POST, PUT, PATCH, and DELETE. All but QUERY and PATCH are very widely supported now, and PATCH is fairly widely supported. QUERY isn't (there are some things like it under various names, mostly overly specific and tied to WebDAV, but nothing general purpose in an RFC or in general use.)
No, you just get something like XML-RPC. Which was a great and cool solution in its time. Only even simpler in this case, since XML is replaced with JSON.
Nothing to do with SOAP's faults (which were related to over-engineering and ridiculous volumes of specs) at all.
RPC-over-JSON (using HTTP) is exactly what we need and what we want to do.
Only we do it as "REST", complicating our lives trying to condense our endpoints to BS "HTTP verbs" that don't exactly match, and adding a separate off-band lane for status (HTTP STATUS codes) instead of having everything alonside the payload.
No he's not. The RPC pattern is a tad more specific than "any pattern that separates message content from channel". Likewise, just because you put one or more "verbs" in your payload doesn't mean you're doing RPC.
An RPC system has a much more rigid message structure that represents a function call, which is automatically marshaled via concrete client and server methods. If you're just receiving a payload and calling one or more methods based on it's contents, you're not doing RPC and you're not even touching upon any of the problems of SOAP.
The actual problems with SOAP have very little to do with the fact that messages can be serialized or that there are verbs. Here are some of the problems with SOAP:
- XML is verbose, making transmission slower.
- SOAP is a huge, complicated type system compared to JSON.
- Mapping SOAP to a given language is difficult.
- Security concerns over automatic function marshaling.
What, exactly the 'solution' will look like depends on future posts... however https://xkcd.com/927/ (Standards) comes to mind.
I don't see much wrong with those, and they do much better than REST, since they already have well-defined way of signaling errors.