HTTP QUERY: The Missing HTTP Method You Probably Didn't Know About

Introduction

For years, developers had only two realistic choices when sending data to a server: GET or POST. Need to fetch data? Use GET. Need to send a request body? Use POST.

Simple... until it wasn't.

Modern APIs, GraphQL, and complex search systems started pushing HTTP beyond what these methods were originally designed for. That's where HTTP QUERY enters the picture a new HTTP method designed specifically for read-only requests that need a request body.



The Problem with GET

GET has always been the king of retrieving data. It's fast, cacheable, and understood by every browser and proxy.

But GET comes with one major limitation:

It wasn't designed to carry a request body.

Imagine building a search API where users can filter products by hundreds of options, nested objects, locations, and permissions. Stuffing all of that into a URL quickly becomes ugly, difficult to manage, and sometimes impossible because many servers and browsers limit URL length.

Developers needed something better.

Why POST Was Never the Perfect Solution

So developers did what developers always do...

They used POST.

POST allows sending large JSON payloads, making it perfect for complex searches. The problem?

POST usually means "I'm changing something."

But searching isn't changing anything.

You're simply asking a question.

Using POST for read-only operations confuses caches, proxies, API gateways, documentation tools, and even developers reading the API.

It works...

But it doesn't communicate intent.

Enter HTTP QUERY

HTTP QUERY was introduced to solve exactly this problem.

It allows clients to send a request body while clearly telling the server:

"I'm only asking for data. Nothing should be modified."

Think of it as combining the strengths of GET and POST.

Like GET, QUERY is safe—it shouldn't change server state.

Like POST, it allows sending complex request bodies without worrying about URL length.

It's not here to replace GET.

It's here to replace those POST requests that were secretly acting like GET.

What Does QUERY Actually Replace?

QUERY isn't a replacement for GET.

GET is still the best choice for simple resource retrieval.

Instead, QUERY replaces a common API pattern that looks like this:

POST /search
{
    "filters": {
        "category": "Laptop",
        "price": {
            "min": 500,
            "max": 1200
        }
    }
}

Nothing is being created.

Nothing is being updated.

It's just a search.

With QUERY, that intent becomes obvious.

Why This Matters

HTTP isn't just about making requests.

Every HTTP method tells the internet what you're trying to do.

Browsers cache GET.

Firewalls inspect POST differently.

Load balancers optimize based on method semantics.

By introducing QUERY, APIs become more expressive, predictable, and easier for intermediaries to understand.

Sometimes the biggest improvement isn't adding new features.

It's making your intent crystal clear.

Are There Any Disadvantages?

Like every new technology, QUERY isn't perfect.

The biggest challenge is adoption.

Many browsers, frameworks, proxies, API gateways, and HTTP libraries don't yet support QUERY because it's still relatively new.

That means developers may still rely on POST until tooling catches up.

There's also the reality that millions of existing APIs already use POST for searches. Rewriting them simply to use QUERY may not provide enough immediate benefit.

For now, QUERY is more about improving future API design than replacing everything overnight.

Should Developers Start Using It?

If you're designing brand-new APIs and your tools support QUERY, it's worth understanding because it accurately represents read-only requests with complex payloads.

If you're maintaining existing applications, don't panic.

GET and POST aren't going anywhere.

QUERY simply fills a gap that developers have been working around for years.

It's another step toward making the web a little more expressive—and a little less confusing.

Final Thoughts

HTTP QUERY isn't a revolutionary replacement for GET or POST.

It's a refinement.

A method created for a problem developers have quietly lived with for decades: sending complex search requests without pretending they're updates.

Sometimes progress isn't about inventing something completely new.

Sometimes it's about finally giving a common pattern the right name.

Comments

Popular posts from this blog

n8n – CVE-2025-68613: Critical RCE Vulnerability

JWT

Retrieval Augmented Generation