Updated July 7, 2026
HTTP methods reference
HTTP methods (verbs) describe the action a request wants to perform on a resource. Two properties matter: a safe method does not change data, and an idempotent method has the same effect whether sent once or many times. QUERY was added by RFC 10008 in June 2026 for safe, idempotent queries that need request content.
Methods
| Method | Typical use | Properties |
|---|---|---|
GET | Retrieve a resource without changing it. | Safe, idempotent |
HEAD | Like GET but returns only headers, no body. | Safe, idempotent |
QUERY | Run a safe, idempotent query with request content instead of a long URL. | Safe, idempotent |
POST | Create a resource or submit data for processing. | Not safe, not idempotent |
PUT | Replace a resource entirely, or create it at a known URL. | Not safe, idempotent |
PATCH | Apply a partial update to a resource. | Not safe, not always idempotent |
DELETE | Remove a resource. | Not safe, idempotent |
OPTIONS | Ask which methods and options a resource supports. | Safe, idempotent |
GET, HEAD, QUERY). Idempotent means repeating it has the same result as sending it once (GET, QUERY, PUT, DELETE). POST is neither.QUERY was standardized in RFC 10008 as a safe, idempotent method that can carry request content. It fills the gap between GET with long query strings and POST requests that are really read-only searches. Servers can advertise supported request formats with the Accept-Query response header. Browser clients should expect a CORS preflight because QUERY is not a CORS-safelisted method.References
Questions
What does idempotent mean for an HTTP method?
It means sending the request once or many times has the same effect on the server. DELETE is idempotent: deleting the same resource twice still leaves it deleted.
When should I use PUT vs POST?
Use POST to create a resource when the server assigns its location, and PUT to create or replace a resource at a URL you already know. PUT is idempotent; POST is not.
What is the HTTP QUERY method?
QUERY is a 2026 HTTP method from RFC 10008 for safe, idempotent queries that need a request body. It is useful for complex filters or search requests that are too large or awkward for a URL query string, but it only works when the server supports it.