This works, but it doesn't scale well to large resources or highupdate rates, where "large" and "high" are relative to your budget forbandwidth and tolerance for latency. It also means that you can'tsimply and safely say "change field X, overwriting whatever is there,but leave everything else as-is".
I've seen the same thought process recapitulated a few times now on howtosolve this problem in a RESTful way. The first thing that springs tomind is to ask if PUT can be used to send just the part you want tochange. This can be made to work but has some major problemsthat make it a poor general choice.
- A PUT to a resourcegenerally means "replace", not "update", so it's semanticallysurprising.
- In theory it could break write-through caches. (This is probablyequivalent to endangering unicorns.)
- It doesn'twork for deleting optional fields or updating flexible lists such asAtomcategories.
A good solution to the partial update problem would be efficient,address the canonical scenarioabove, be applicable to a wide range of cases, not conflict with HTTP,extend basic HTTP as little as possible, deal with optimisticconcurrency control, and deal with the lost update problem. The methodshould be discoverable (clients should be able to tell if a serversupports the method before trying it). It would also be nice if thesolution would let us treat data symmetrically, both getting andputting sub-parts of resources as needed and using the same syntax.
There are three contenders for a general solution pattern:
Expose Parts as Resources. PUT to a sub-resourcerepresents aresources' sub-elements with their own URIs. This is in spirit whatWeb3Sdoes. However, it pushes the complexity elsewhere: Intodiscovering the URIs of sub-elements, and into how ETags work acrosstwo resources that are internally related. Web3S appears to handleonlyhierarchical sub-resources, not slicing or arbitrary selections.
Accept Ranges on PUTs. Ranged PUT leverages andextends theexisting HTTP Content-Range:header to allow a client tospecify a sub-part of a resource, not necessarily just byte ranges buteven things like XPath expressions. Ranges are well understood in thecase of GET but were rejected as problematic for PUT a while back bytheHTTP working group. The biggest concern was that it adds a problematicmust-understand requirement. If a server or intermediary accepts a PUTbut doesn'tunderstand that it's just for a sub-range of the target resource, itcould destroy data. But, thisdoes allow for symmetry in reading andwriting. As an aside, the HTTP spec appears to contradict itselfabout whether range headers are extensible or are restricted to justbyte ranges. This method works fine with ETags; additional methods fordiscovery need to be specified but could be done easily.
Use PATCH. PATCH is a method that's beentalked about for awhilebut is the subject of some controversy. James Snell has revived LisaDusseault's draft PATCH RFC and updated it, and he's looking forcomments on the new version. I think this is a pretty good approachwith a few caveats. The PATCH method may not be supported byintermediaries, but if it fails it does fail safely. It requires a newverb, which is slightly painful. It allows for variety of patchingmethods via MIME types. It's unfortunately asymmetric in that it doesnot address the retrieval ofsub-resources. It works fine with ETags. It's discoverable via HTTPheaders (OPTIONS and Allow: PATCH).
The biggest issue with PATCH is the new verb. It's possible thatintermediaries may fail to support it, or actively block it. This isnot too bad, since PATCH is just an optimization -- if you can't useit, you can fall back to PUT. Or use https, which effectively tunnelsthrough most intermediaries.
On balance, I like PATCH. The controversy over the alternatives seemto justify the new verb. It solves the problem and I'd be happy withit. I would like there to be a couple of default delta formats definedwith the RFC.
The only thing missing is symmetricalretrieval/update. But, there's an interesting coda: PATCH is definedso that Content-Range is must-understand on PATCH:
So let's say aserver wanted to be symmetric; it could advertise support forXPath-based ranges on bothGET and PATCH. A client would use PATCH with a range to send backexactly the same data structure it retrievedearlier with GET. An example:The server MUST NOT ignore any Content-* (e.g. Content-Range)
headers that it does not understand or implement and MUST return
a 501 (Not Implemented) response in such cases.
which retrieves the XML:GET /abook.xmlRange: xpath=/contacts/contact[name="Joe"]/work_phone
Updating the phone number is very symmetrical with PATCH+Ranges:
The nice thing about this is that no new MIME types need to beinvented; the Content-Range header alerts the server that the stuffyou're sending is just a fragment; intermediaries will eitherunderstand this or fail cleanly; and the retrievalsand updates are symmetrical.PATCH /abook.xmlContent-Range: xpath=/contacts/contact[name="Joe"]/work_phone<contacts><contact><work_phone>408-555-1591</work_phone>