Is the HTTP method PUT and DELETE really idempotent ?

What is idempotent?

The idempotent is that the result of an operation is the same whether you perform it once or multiple times.

HTTP Method

GET・HEAD

It makes sense that GET and HEAD are idempotent.

What’s a bit tricky is that the response code returned to the client will vary.

The GET response would be 200 (200) or 304 (Not Modified), depending on whether the resource file is cached by the client.

PUT・DELETE

The question remains about PUT and DELETE.

The PUT updates the target resource, but creates the resource if it is not available.

DELETE deletes the target resource if it is present, but does nothing if it is not present.

If you look at the state of the server’s resources, in the case of PUT, the resource is created on the first request and the resource is updated on the second request.

In the case of DELETE, the first request removes the resource and the second request does nothing because the resource is not found.

Looking at the response to the client, in the case of PUT, the first request returns 201 (Created) and the second request returns 200 (Ok).

In the case of DELETE, the first request returns 200 (Ok) and the second request returns a 404 (NotFound).

This means that the first request and the second request are processed differently on the server side (internal server processing and the response from the server to the client).

Can this still be called an power (multiple times and the result is the same)?

answer

the definition of RFC


4.2.2.  Idempotent Methods

A request method is considered “idempotent” if the intended effect on

the server of multiple identical requests with that method is the

same as the effect for a single such request.  Of the request methods

defined by this specification, PUT, DELETE, and safe request methods

are idempotent.

Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content

RFC has the above description of idempotent methods.

If a request method is used to make multiple identical requests and the result on the server is the same as the result of a single request, then the request method is “idempotent”.

In other words, you can ignore the response result to the client because it says “effect on the server” first.

And if you look at the “result” of the server, the first result of PUT is the same (i.e., power) as the result on the server, because the resource exists as a result of the first PUT and the resource exists as a result of the second one, too.

If we take effect in “effect on the server” to mean “effect” or “influence,” we misunderstand it.

Also, it is confusing to take it as something that happens on the “result” server that communicates to the server, as was the original question, so we can take it as a “result” on the server after the communication to the server.

What do you mean by “safe”?

As a side note, PUT/DELETE is defined as power and not “safe”.

By “safe” I mean “read-only.

PUT/DELETE is naturally not “safe” because it does not only read but also write.