HTTP 協議的Safe Methods

HTTP/1.1常見的Methods中，屬於Safe Methods的如下。

HTTP協議中屬於Safe Methods的有GET，HEAD，OPTIONS及TRACE。

HTTP Safe Methods的意思是，client的請求僅限於讀取(read-only)，且不改變server的狀態，則此請求方法則為Safe Method。也就是說請求的方法不會對server造成任何的side-effect。

節錄RFC 7231 - Section 4.2.1的原文如下：

Request methods are considered "safe" if their defined semantics are essentially read-only; i.e., the client does not request, and does not expect, any state change on the origin server as a result of applying a safe method to a target resource. Likewise, reasonable use of a safe method is not expected to cause any harm, loss of property, or unusual burden on the origin server.

那查詢請求時通常應用程式會在資料庫新增日誌檔，這樣是否也屬於Safe Methods呢? 根據文件的說明，只要client請求沒有意圖對server進行其他額外有影響的操作，仍歸屬於Safe Methods。

• What is idempotency in HTTP methods?
• HTTP Verbs: 談 POST, PUT 和 PATCH 的應用