Okay, first this was of course nit-picking, as I just hoped to get across the point, that REST is not just pretty URLs.
> Except those are of course guidelines
Well, obviously.
> Instead of a list of methods, you get a list of methods (which do not have to stay the same, by the way) and a tree of resources.
Well, yes. But those are already established and if you're exchanging representations as REST demands, you shouldn't need anything more than GET, POST, PUT, DELETE and PATCH to manipulate data.
> Theoretically you should be able to crawl a REST API using only the document types and the root URL, I don't think I've ever seen a "public" API letting me that.
Sun tried to do that for their cloud computing API, I think they're the ones that created the term RESTful where you'd use elegant concepts like <link> in your representations to advertise available actions.
> Yes, because if you POST the same thing twice you don't risk fucking things up...
If you do it properly with versioning/unique ids where appropriate, then all your calls should be re-triable or at least fail.
> Oh you should be using PUT, not POST, you say? Good luck getting that one in browsers.
You can create browser API (with proper CSRF protection etc. btw) that acts as a [server-side] client to your REST API. Also I see most usage of any REST APIs from browsers coming from Javascript based clients, which usually don't impose such limitations.
> Except those are of course guidelines
Well, obviously.
> Instead of a list of methods, you get a list of methods (which do not have to stay the same, by the way) and a tree of resources.
Well, yes. But those are already established and if you're exchanging representations as REST demands, you shouldn't need anything more than GET, POST, PUT, DELETE and PATCH to manipulate data.
> Theoretically you should be able to crawl a REST API using only the document types and the root URL, I don't think I've ever seen a "public" API letting me that.
Sun tried to do that for their cloud computing API, I think they're the ones that created the term RESTful where you'd use elegant concepts like <link> in your representations to advertise available actions.
> Yes, because if you POST the same thing twice you don't risk fucking things up...
If you do it properly with versioning/unique ids where appropriate, then all your calls should be re-triable or at least fail.
> Oh you should be using PUT, not POST, you say? Good luck getting that one in browsers.
You can create browser API (with proper CSRF protection etc. btw) that acts as a [server-side] client to your REST API. Also I see most usage of any REST APIs from browsers coming from Javascript based clients, which usually don't impose such limitations.