RESTful PUT and DELETE and firewalls

Question

In the classic \"RESTful Web Services\" book (O\'Reilly, ISBN 978-0-596-52926-0) it says on page 251 \"Some firewalls block HTTP PUT and DELETE but not POST.\"

Is th

Answer 1

I would not worry about overloading a POST to support a DELETE request.

HTML 4.0 and XHTML 1.0 only support GET and POST requests (via ) so it is commonplace to tunnel a PUT/DELETE via a hidden form field which is read by the server and dispathced appropriately. This technique preserves compatibility across browsers and allows you to ignore any firewall issues.

Ruby On Rails and .NET both handle RESTful requests in this fashion.

As an aside GET, POST, PUT & DELETE requests are fully supported through the XMLHttpRequest request object at present. XHTML 2.0 's officially supports GET, POST, PUT & DELETE as well.