Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
CodesInChaos 6 hours ago

I wonder if HTML forms will add support for QUERY:

    <form action="..." method="query">
This would avoid the annoying re-submission warnings you're getting if you refresh a page that was returned by a POST form submission, since QUERY is required to be idempotent.
paradox460 7 minutes ago | parent | next [-]

They never added support for any other verbs, but it's a brave new world, so who knows

acabal 2 hours ago | parent | prev | next [-]

Supporting more than GET/POST in HTML forms has been my dream for decades. There's a WHATWG proposal to do just that if you want to add your voice: https://github.com/whatwg/html/pull/11347

bob1029 5 hours ago | parent | prev | next [-]

This is better solved with the post redirect get pattern.

diroussel 2 hours ago | parent [-]

That is the good old fashion workaround. But why is it better than a form causing an HTTP QUERY.

If we can do QUERY forms, it would be an ideal time to add JSON encoding for forms.

amluto 4 hours ago | parent | prev | next [-]

One oddity of forms: the result of a form POST is a page that has a location (the URL) but that cannot loaded via that location. As far as I know, the fact that the page is a POST and not a GET is not stored anywhere visible to the user or to JS. And refresh works oddly.

If method=QUERY were added, there would be a new variety of this weirdness.

sheept 3 hours ago | parent [-]

At least browsers wouldn't have to warn users that they'd be resubmitting data if they reload the page after submitting a query form, since query requests are intended to be idempotent

amluto 3 hours ago | parent [-]

You still get the nastiness that the Sec-Fetch-* state gets mostly trashed when you hit refresh. And someone would need to figure out how CORS preflight interacts with refresh, which is not currently an issue with POST. (The current "simple request" behavior or whatever it's called is a real mess and is the cause of a lot of CSRF vulnerabilities.)

chrismorgan an hour ago | parent | prev | next [-]

See https://github.com/whatwg/html/issues/12594.

tempfile 5 hours ago | parent | prev | next [-]

Depends whether your form submission should expect side effects or not. Most forms submissions have side effects. If the effect is truly idempotent, wouldn't PUT be a better verb? That is also supposed to be idempotent.

echoangle 4 hours ago | parent | next [-]

You can’t use PUT as a form action though.

diroussel 2 hours ago | parent | prev [-]

GET and QUERY are both idempotent.

100ms 6 hours ago | parent | prev | next [-]

Forms, HTTP implementations, public API surfaces, and all for what exactly. Introducing a new verb for this feels profoundly misplaced

jagged-chisel 6 hours ago | parent | next [-]

Idempotency is an important attribute for correctness. Yep, you can document that POSTing to $ENDPOINT is idempotent, but you can't communicate that to caching layers throughout the network. QUERY, by definition, is idempotent and cacheable.

resters 2 hours ago | parent | next [-]

Great point. I wish more people realized that intuitively.

jnewton_dev 5 hours ago | parent | prev [-]

Does anyone know if this approach works at significantly larger scales? Curious about where it breaks down.

inigyou 4 hours ago | parent [-]

Larger scales like what? I expect that everywhere you currently cache GETs you can cache QUERYs. But does caching GETs work at scale?

alpinisme 6 hours ago | parent | prev [-]

At least support - or lack thereof - for a new verb is unambiguous (compared to changing the semantics of GET)

ctdinjeu7 6 hours ago | parent | prev [-]

Now HN’s UX can finally be decent.

The team will have to wait for a new header and textarea specs to fix the rest of the jank.

This site is so awful lol. Why don’t they update it?

CodesInChaos 6 hours ago | parent [-]

Where does HN use POST for safe operations? I can't think of any.

Comment submission isn't safe, so QUERY can't be used there. And it doesn't suffer from the problem anyways, since HN returns a 3XX on successful submission, so refreshing doesn't show a warning.