RESTful design: distinguish between unpublish and delete [closed] - api

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 4 years ago.
Improve this question
Designing an API and looking for some advice.
Here's the actions:
publish : publish the document (POST)
update : update the document (PUT or PATCH)
unpublish : take the document down with the intention of putting it up later (?)
delete : remove the document completely (DELETE)
Any ideas?
Thanks!
Matt

Update and delete are pretty obvious, as you have them.
Do you consider "publish" the same as "create"? "Publish" can mean taking a document you've created and making it publicly visible. One way to think of it is, you can only create a document once, but then you can publish and unpublish it many times.
You might think about the lifecycle of the document, and what you can do with it after "unpublish". It kind of depends on what you want the sequence: "create (publish?) ... unpublish ... publish ... unpublish ... delete" to do. If publish/unpublish don't do anything different than create/delete, then you can just drop them and avoid the complexity altogether.
The purist REST answer is to provide a property in the representation: { ... "published": true ... } and let the client PUT an update to change that state. If that state changes, it triggers whatever processing is needed to publish or unpublish the document.
However, I was on a team that was uncomfortable with that because there can be big implications, publicly and technically, to publishing a document. So they chose instead to treat the operation as a POST "data processing" request (as the HTTP spec provides) and provide a POST URL to "publish" and "unpublish" the document.
There are some other options. Like take POST as the append verb, and provide a "published list" URI that allows you to add a document to the published list, doing any processing that's required:
POST ht_p://.../documents
{ the document }
POST ht_p://.../published-documents
{ id= }
DELETE ht_p://.../published-documents/{id}
DELETE ht_p://.../documents/{id}
edit: broke the prentend URIs because stackoverflow complained. ;)

Related

API best practices for batch operations [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 12 months ago.
Improve this question
We have a requirement to develop an API with CRUD operations that supports batch inputs for each of create, read, update and delete operation.
For ex.
Request for "Create" will be an array of [Name and Value]
Response = array of [Name and Value]
Request for "Update" will be an array of [Name and Value] -> Values of each Name are updated here
Response = array of [Name and Value]
Request for "Delete" will be an array of Names
Response = 204 no content
Request for "Read" will be an array of Names
Response = array of [Name and Value]
We will use POST for Create and Update (or PUT?); However to support batch inputs (max array size=100) in the request body for Read and Delete, I think the option is to use POST (instead of GET for read and DELETE for delete). Is there any downside to this approach? Are there guidelines for implementing such batch operations?
If you are trying to communicate operations that aren't worth standardizing, then you should be using POST.
In particular, PUT has a specific meaning in the transfer of documents over a network domain, and you shouldn't be trying to hijack it.
A request body with DELETE is a bad idea. Don't go there - use POST.
A request body with GET is a bad idea. You should either figure out a way to get the information you need into the target URI of the request (ie, each different body you might send is a unique resource) OR you should use POST.
Using POST isn't a great answer, because you hide from the HTTP application the fact that the request semantics are effectively read only; hiding that information reduces the number of intelligent things that general purpose HTTP components can do. POST is still a much better choice than trying to stick a body on GET.
At some point in the future, we expect the working group to produce some standard for new HTTP method aka GET-with-a-body, and that might give you additional options.

Proper route for checking resource existence in a RESTful API [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 4 years ago.
Improve this question
What's the best/restful way to design an API endpoint for checking existence of resources?
For example there is a user database. While new user tries to sign up I want to check if email has been used on-the-fly.
My idea is: POST /user/exists and payload would be something like {"email": "foo#bar.com"}. The response would be either 200 OK or 409 Conflict.
Is this a proper way?
Thanks!
HEAD is the most effecient for existence checks:
HEAD /users/{username}
Request a user's path, and return a 200 if they exist, or a 404 if they don't.
Mind you, you probably don't want to be exposing endpoints that check email addresses. It opens a security and privacy hole. Usernames that are already publicly displayed around a site, like on reddit, could be ok.
I believe the proper way to just check for existence is to use a HEAD verb for whatever resource you would normally get with a GET request.
I recently came across a situation where I wanted to check the existence of a potentially large video file on the server. I didn't want the server to try and start streaming the bytes to any client so I implemented a HEAD response that just returned the headers that the client would receive when doing a GET request for that video.
You can check out the W3 specification here or read this blog post about practical uses of the HEAD verb.
I think this is awesome because you don't have to think about how to form your route any differently from a normal RESTful route in order to check for the existence of any resource, Whether that's a file or a typical resource, like a user or something.
GET /users?email=foo#bar.com
This is a basic search query: find me the users which have the email address specified. Respond with an empty collection if no users exist, or respond with the users which match the condition.
I prefer:
HEAD /users/email/foo#bar.com
Explanation: You are trying to find through all the users someone that are using the e-mail foo#bar.com. I'm assuming here that the e-mail is not the key of your resource and you would like to have some flexibility on your endpoint, because if you need another endpoint to check availability of another information from the user (like username, number, etc) , this approach can fit very well:
HEAD /users/email/foo#bar.com
HEAD /users/username/foobar
HEAD /users/number/56534324
As response, you only need to return 200 (exists, so it's not available) or 404 (not exists, so it's available) as http code response.
You can also use:
HEAD /emails/foo#bar.com
if the HEAD /users/email/foo#bar.com conflict with an existing rest resource, like a GET /users/email/foo#bar.com with a different business rule. As described on Mozilla's documentation:
The HEAD method asks for a response identical to that of a GET request, but without the response body.*.
So, have a GET and HEAD with different rules is not good.
A HEAD /users/foo#bar.com is a good option too if the e-mail is the "key" of the users, because you (probably) have a GET /users/foo#bar.com.

SEO - What to do when content is taken offline [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I'm going to have a site where content remains on the site for a period of 15 days and then gets removed.
I don't know too much about SEO, but my concern is about the SEO implications of having "content" indexed by the search engines, and then one day it suddenly goes and leaves a 404.
What is the best thing I can do to cope with content that comes and goes in the most SEO friendly way possible?
The best way will be to respond with HTTP Status Code 410;
from w3c:
The requested resource is no longer available at the server and no
forwarding address is known. This condition is expected to be
considered permanent. Clients with link editing capabilities SHOULD
delete references to the Request-URI after user approval. If the
server does not know, or has no facility to determine, whether or not
the condition is permanent, the status code 404 (Not Found) SHOULD be
used instead. This response is cacheable unless indicated otherwise.
The 410 response is primarily intended to assist the task of web
maintenance by notifying the recipient that the resource is
intentionally unavailable and that the server owners desire that
remote links to that resource be removed. Such an event is common for
limited-time, promotional services and for resources belonging to
individuals no longer working at the server's site. It is not
necessary to mark all permanently unavailable resources as "gone" or
to keep the mark for any length of time -- that is left to the
discretion of the server owner.
more about status codes here
To keep the traffic it may be an option to not delete but archive the old content. So it remains accessible by its old URL but linked at some deeper points in the archive on your site.
If you really want to delete it then it is totally ok to return with 404 or 410. Spiders understand that the resource is not available anymore.
Most search engines use something called a robot.txt file. You can specify which URLs and Paths you want the search engine to ignore. So if all of your content is at www.domain.com/content/* then you can have Google ignore that whole branch of your site.

Proper way to remove Page from website [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I have a product page in my website which I have added 3 years before.
Now the product production was stopped and the product page was removed from website.
What I did is I started displaying message in the product page telling that the production of the product got stopped.
when some one searches in google for that products the product page which was removed from site shows up first in google search.
The page rank for the product page is also high.
I don't want the removed product page to be shown at the top of search result.
What is the proper method to remove a page from website so that it gets depicted by what ever google have indexed in its table.
Thanks for the reply
Delete It
The proper way to remove a page from a site is to delete the actual file that is been returned to the user/bot when the page is requested. If the file is not on the webserver, any well configured webserver will return a 404 and the bot/spider will choose to remove that from the index in the next refresh.
Redirect It
If you want to keep the good "google juice" or SERP ranking the page has, probably due to any inbound links from external sites, you'd be best to set your websever to do a 302 redirect to a similar (updated product).
Keep and convert
However, if the page is doing so well that it ranks #1 for searches to the entire site, you need to use this to your advantage. Leave the bulk of the copy on the page the same, but highlight to the viewer that the product no longer exists and provide some helpful options to the user instead: tell them about a newer, better product, tell them why it's no longer available, tell them where they can go to get support if they already have the discontinued product.
I am completely agree with above suggestion and want to add just one point.
If you want to remove that page from Google Search Result; just login to Google webmaster tool (you must have verified that website in Google webmaster tool) and add that particular page for index removal request.
Google will de-index that page and it will be removed from Google search rankings.

Finding if domain name is already registered? [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Hi, Is there any API to lookup if a given domain name is already registerd by somebody and get alternative (auto suggested available domain names)?
EDIT:- I think the thing I need is called domain-search not the lookup :)
I've written a whois for PHP, Perl, VB and C# all using a trick that queries '{domain}.whois-servers.net'.
It works well for all but the obscure domains that require registration (and usually fees) such as tonga .tv or .pro domains.
PHP Whois (version 3.x but should still work)
C# Whois
COM Whois (DLL only, I lost the source)
This page shows it in action. You can do some simple string matching to check if a domain is registered or not based on the result you get back.
It's called whois... and for auto-suggestion, there is the domain service at 1&1.
http://www.mashape.com/apis/Name+Toolkit#Get-domain-suggestions - Advanced domain name suggestions and domain checking API.
I think you can use http://whois.domaintools.com/ to get the information. Send a web request as http://whois.domaintools.com/example.com and it will return the information of example.com. But you need to parse the response to filter the required information.
http://whois.bw.org/ is very good. does suggestions and such.
I want an api that I can call from my code or pages. The XML API on www.domaintools.com seems like the thing that I need. I'm looking into it.
thanks for your support. I've found a service by domaintools.com called whoisapi. You can query available domain names and other information by sending an xml request to their servers.