Reputation: 2351
REST API: Validating request params in GET request?
If you have query string param secondaryId on a GET endpoint of a REST API which searches a resource by that secondaryId, should you apply the same validation on that query string parameter that you would apply to the secondaryId in a CREATE or UPDATE?. For instance, if secondaryId can only be 10 characters long, should you validate the secondaryId in the querystring param of a GET request?
To me this seems out of place in the context of GETting a resource, but I can't find any resources online that mention this explicitly.
Upvotes: 0
Views: 501
Answers (1)
Reputation: 99505
From the perspective of HTTP, if somebody tries to GET something using a url that doesn't point to anything, it simply means that that resource doesn't exist.
Irrespective of how the id is validated, or what you do with it... you probably just want to return 404 Not Found.
Upvotes: 1
Related Questions
- API Validating basket on get request
- How to validate parameters for rest controller
- REST parameter validation
- How to secure/validate GET parameters
- Validating Query Params in REST API
- Validating HTTP POST request body for a REST API
- validating post params in api controller
- REST API validation for query string
- What REST action should I use for Validate?
- How to automatically validate rest parameters in @RestController?