| ▲ | robertlagrant 4 days ago | |
Only if you trust the client, presumably. | ||
| ▲ | ndriscoll 4 days ago | parent [-] | |
I don't see how that's related. The HATEOAS idea was that you send the client the relevant data and next set of possible actions with each response (e.g. a web page with forms for possible things they can do). If they try to perform in invalid action, you still just reject on the server. The client doesn't tell the server what it can do. The point is you need the logic on the server since you can't trust the client, but you can make the client "dumb" with just super generic ability to show data and submit forms, and then you don't need to write your application logic a second time in the client. The server sends it instructions for the generic renderer to perform. | ||