[英]Create request with POST, which response codes 200 or 201 and content

Suppose I write a REST service whose intent is to add a new data item to a system.


I plan to POST to



Suppose that works, what response code should I use? And what content might I return.


I'm looking at the definitions of HTTP response codes and see these possibilities:


200: Return an entity describing or containing the result of the action;


201: which means CREATED. Meaning *The request has been fulfilled and resulted in a new resource being created. The newly created resource can be referenced by the URI(s) returned in the entity of the response, with the most specific URI for the resource given by a Location header field. The response SHOULD include an entity containing a list of resource characteristics and location(s) from which the user or user agent can choose the one most appropriate. The entity format is specified by the media type given in the Content-Type header field. *

201:表示創建。含義*請求已完成並導致創建新資源。新創建的資源可以由響應實體中返回的URI引用,具有Location頭字段給出的資源的最特定URI。響應應該包括一個實體,其中包含資源特征和位置的列表,用戶或用戶代理可以從中選擇最合適的資源特征和位置。實體格式由Content-Type頭字段中給出的媒體類型指定。 *

The latter sounds more in line with the Http spec, but I'm not at all clear what


The response SHOULD include an entity containing a list of resource characteristics and location(s)




Recommendations? Interpretations?


7 个解决方案





It's just a colon delimited key-value.


ETag: "xyzzy"


It can be any type of text data - I generally include a JSON string with the identifier of the item created. The ease of testing alone makes including it worthwhile.

它可以是任何類型的文本數據 - 我通常包含一個JSON字符串,其中包含所創建項目的標識符。單獨測試的簡易性使得包括它值得。

ETag: "{ id: 1234, uri: 'http://domain.com/comments/1234', type: 'comment' }"

In this example, the identifier, the uri, and type of the created item are the "resource characteristics and location".




I think atompub REST API is a great example of a restful service. See the snippet below from the atompub spec:

我認為atompub REST API是一個很好的寧靜服務示例。請參閱atompub規范中的以下代碼段:

POST /edit/ HTTP/1.1
Host: example.org
User-Agent: Thingio/1.0
Authorization: Basic ZGFmZnk6c2VjZXJldA==
Content-Type: application/atom+xml;type=entry
Content-Length: nnn
Slug: First Post

<?xml version="1.0"?>
<entry xmlns="http://www.w3.org/2005/Atom">
  <title>Atom-Powered Robots Run Amok</title>
  <author><name>John Doe</name></author>
  <content>Some text.</content>

The server signals a successful creation with a status code of 201. The response includes a Location header indicating the Member Entry URI of the Atom Entry, and a representation of that Entry in the body of the response.

服務器用狀態代碼201表示成功創建。響應包括指示Atom Entry的成員條目URI的Location頭,以及響應主體中該Entry的表示。

HTTP/1.1 201 Created
Date: Fri, 7 Oct 2005 17:17:11 GMT
Content-Length: nnn
Content-Type: application/atom+xml;type=entry;charset="utf-8"
Location: http://example.org/edit/first-post.atom
ETag: "c180de84f991g8"  

<?xml version="1.0"?>
<entry xmlns="http://www.w3.org/2005/Atom">
  <title>Atom-Powered Robots Run Amok</title>
  <author><name>John Doe</name></author>
  <content>Some text.</content>
  <link rel="edit"

The Entry created and returned by the Collection might not match the Entry POSTed by the client. A server MAY change the values of various elements in the Entry, such as the atom:id, atom:updated, and atom:author values, and MAY choose to remove or add other elements and attributes, or change element content and attribute values.

集合創建和返回的條目可能與客戶端發布的條目不匹配。服務器可以更改Entry中各種元素的值,例如atom:id,atom:updated和atom:author values,並且可以選擇刪除或添加其他元素和屬性,或者更改元素內容和屬性值。



The idea is that the response body gives you a page that links you to the thing:


201 Created


The 201 (Created) status code indicates that the request has been fulfilled and has resulted in one or more new resources being created. The primary resource created by the request is identified by either a Location header field in the response or, if no Location field is received, by the effective request URI.


This means that you would include a Location in the response header that gives the URL of where you can find the newly created thing:


HTTP/1.1 201 Created
Date: Sat, 02 Apr 2016 12:22:40 GMT
Location: http://stackoverflow.com/a/36373586/12597

Response body

They then go on to mention what you should include in the response body:


The 201 response payload typically describes and links to the resource(s) created.


For the human using the browser, you give them something they can look at, and click, to get to their newly created resource:


HTTP/1.1 201 Created
Date: Sat, 02 Apr 2016 12:22:40 GMT
Location: http://stackoverflow.com/a/36373586/12597
Content-Type: text/html

Your answer has been saved! 
Click <A href="/a/36373586/12597">here</A> to view it.

If the page will only be used by a robot, the it makes sense to have the response be computer readable:


HTTP/1.1 201 Created
Date: Sat, 02 Apr 2016 12:22:40 GMT
Location: http://stackoverflow.com/a/36373586/12597
Content-Type: application/xml


Or, if you prefer:


HTTP/1.1 201 Created
Date: Sat, 02 Apr 2016 12:22:40 GMT
Location: http://stackoverflow.com/a/36373586/12597
Content-Type: application/json

   "questionID": 1860645, 
   "answerID": 36373586,
   "primary": "/a/36373586/12597",
   "additional": [

The response is entirely up to you; it's arbitrarily what you'd like.


Cache friendly

Finally there's the optimization that i can pre-cache the created resource (because i already have the content; i just uploaded it). The server can return a date or ETag which i can store with the content i just uploaded:


See Section 7.2 for a discussion of the meaning and purpose of validator header fields, such as ETag and Last-Modified, in a 201 response.


HTTP/1.1 201 Created
Date: Sat, 02 Apr 2016 12:22:40 GMT
Location: http://stackoverflow.com/a/23704283/12597
Content-Type: text/html
Last-Modified: Sat, 02 Apr 2016 12:22:39 GMT 

Your answer has been saved! 
Click <A href="/a/36373586/12597">here</A> to view it.

And ETag s are purely arbitrary values. Having them be different when a resource changes (and caches need to be updated) is all that matters. The ETag is usually a hash (e.g. SHA2). But it can be a database rowversion, or an incrementing revision number. Anything that will change when the thing changes.

ETag是純粹的任意價值觀。當資源發生變化(並且需要更新緩存)時,讓它們變得不同是最重要的。 ETag通常是散列(例如SHA2)。但它可以是數據庫rowversion,也可以是遞增的修訂版號。當事物發生變化時會發生任何變化。



Check out HTTP: Method Definitions: POST.


The action performed by the POST method might not result in a resource that can be identified by a URI. In this case, either 200 (OK) or 204 (No Content) is the appropriate response status, depending on whether or not the response includes an entity that describes the result.

POST方法執行的操作可能不會生成可由URI標識的資源。在這種情況下,200(OK)或204(No Content)是適當的響應狀態,具體取決於響應是否包括描述結果的實體。

If a resource has been created on the origin server, the response SHOULD be 201 (Created) and contain an entity which describes the status of the request and refers to the new resource, and a Location header (see section 14.30).




In a few words:


  • 200 when an object is created and returned
  • 200創建並返回對象時
  • 201 when an object is created but only its reference is returned (such as an ID or a link)
  • 201創建對象但僅​​返回其引用(例如ID或鏈接)時



The output is actually dependent on the content type being requested. However, at minimum you should put the resource that was created in Location. Just like the Post-Redirect-Get pattern.


In my case I leave it blank until requested otherwise. Since that is the behavior of JAX-RS when using Response.created().


However, just note that browsers and frameworks like Angular do not follow 201's automatically. I have noted the behaviour in http://www.trajano.net/2013/05/201-created-with-angular-resource/




Another answer I would have for this would be to take a pragmatic approach and keep your REST API contract simple. In my case I had refactored my REST API to make things more testable without resorting to JavaScript or XHR, just simple HTML forms and links.

我將要做的另一個答案是采取務實的方法並保持REST API合約的簡單性。在我的情況下,我重構了我的REST API,以便在不使用JavaScript或XHR,只需簡單的HTML表單和鏈接的情況下使事情更具可測性。

So to be more specific on your question above, I'd just use return code 200 and have the returned message contain a JSON message that your application can understand. Depending on your needs it may require the ID of the object that is newly created so the web application can get the data in another call.


One note, in my refactored API contract, POST responses should not contain any cacheable data as POSTs are not really cachable, so limit it to IDs that can be requested and cached using a GET request.




粤ICP备14056181号  © 2014-2021 ITdaan.com