You only need GET (and its little brother HEAD) and POST. Whether operations on a resource are idempotent or not is something that you might like to change. Send all operations through POST which will apply business logic and don’t use PUT or DELETE. Simple.
There are some tips on making a website fast in this video: How is this Website so fast!?
This was suggested on #lobsters today:
$ curl -o /dev/null -w "Connect: %{time_connect} TTFB: %{time_starttransfer} Total time: %{time_total} \n" https://www.progclub.org/
This on Hacker News today: CSRF, CORS, and HTTP Security headers Demystified.
The above article referred to OWASP SameSite doco, and you can read about how to implement that with PHP.
I just wanted to get something that I’ve thought for many years on record, because I don’t think I’ve ever had the chance to discuss it much before, but I believe JSON web services (“REST APIs”) and web applications should deal only in two HTTP verbs, being: GET and POST. You use GET for queries and you use POST for submissions. All POST operations go through business logic for particular services and CRUDing URLs is a supremely bad idea, in my opinion. Just wanted to get that on record. Thanks. p.s for web applications you should 3xx on success, not 2xx on success; what you do for JSON web services is up to you, but for those 2xx is probably fine.
A fun read: Falsehoods Programmers Believe about REST APIs.
Today I learned about the Retry-After HTTP header. It was mentioned over here.
This popped up on r/programming today: HTTP(S) Benchmark Tools.
To disable the HTTP Referrer (Referer) header in Firefox open about:config and set network.http.sendRefererHeader to zero.
2017-12-09 jj5 – TODO: document this on my blog…
On Debian GNU/Linux 9.1 (stretch) when I try to open an *.desktop (application/x-desktop) link in a browser I get:
A folder named ~/.cache/kioexec/krun/13821_0/ already exists.
Searching for:
A folder named kioexec krun already exists
turned up diddly squat.
I solved the issue (for me) by changing:
System Settings -> Personalization -> Applications -> Default Application s-> Web Browser
from:
Open http and https URLs in an application based on the contents of the URL
to:
Open http and https URLs in the following browser: firefox
