best approach to design a rest web service with binary data to be consumed from the browser

Question

I'm developing a json rest web service that will be consumed from a single web page app built with backbone.js

This API will let the consumer upload files related to some entity, like pdf reports related to a project

Googling around and doing some research at stack overflow I came with these possible approaches:

First approach: base64 encoded data field

POST: /api/projects/234/reports {   author: 'xxxx',   abstract: 'xxxx',   filename: 'xxxx',   filesize: 222,   content: '<base64 encoded binary data>' } 

Second approach: multipart form post:

POST: /api/projects/234/reports {   author: 'xxxx',   abstract: 'xxxx', } 

as a response I'll get a report id, and with that I shall issue another post

POST: /api/projects/234/reports/1/content enctype=multipart/form-data 

and then just send the binary data

(have a look at this: https://stackoverflow.com/a/3938816/47633)

Third approach: post the binary data to a separate resource and save the href

first I generate a random key at the client and post the binary content there

POST: /api/files/E4304205-29B7-48EE-A359-74250E19EFC4 enctype=multipart/form-data 

and then

POST: /api/projects/234/reports {   author: 'xxxx',   abstract: 'xxxx',   filename: 'xxxx',   filesize: 222,   href: '/api/files/E4304205-29B7-48EE-A359-74250E19EFC4' } 

(see this: https://stackoverflow.com/a/4032079/47633)

I just wanted to know if there's any other approach I could use, the pros/cons of each, and if there's any established way to deal with this kind of requirements

the big con I see to the first approach, is that I have to fully load and base64 encode the file on the client

some useful resources:

• Post binary data to a RESTful application
• What is a good way to transfer binary data to a HTTP REST API service?
• How do I upload a file with metadata using a REST web service?
• Bad idea to transfer large payload using web services?
• https://stackoverflow.com/a/5528267/47633

Answer 1

My research results:

1. Single request (data included)

   The request contains metadata. The data is a property of metadata and encoded (for example: Base64).

   Pros:

   • transactional
   • everytime valid (no missing metadata or data)

   Cons:

   • encoding makes the request very large

   Examples:

   • Twitter
   • GitHub
   • Imgur

2. Single request (multipart)

   The request contains one or more parts with metadata and data.

   Content types:

   • multipart/form-data
   • multipart/mixed
   • multipart/related

   Pros:

   • transactional
   • everytime valid (no missing metadata or data)

   Cons:

   • content type negotiation is complex
   • content type for data is not visible in WADL

   Examples:

   • Confluence (with parts for data and for metadata)
   • Jira (with one part for data, metadata only part headers for file name and mime type)
   • Bitbucket (with one part for data, no metadata)
   • Google Drive (with one part for metadata and one for part data)

3. Single request (metadata in HTTP header and URL)

   The request body contains the data and the HTTP header and the URL contains the metadata.

   Pros:

   • transactional
   • everytime valid (no missing metadata or data)

   Cons:

   • no nested metadata possible

   Examples:

   • S3 GetObject and PutObject

4. Two request

   One request for metadata and one or more requests for data.

   Pros:

   • scalability (for example: data request could go to repository server)
   • resumable (see for example Google Drive)

   Cons:

   • not transactional
   • not everytime valid (before second request, one part is missing)

   Examples:

   • Google Drive
   • YouTube