I have an API that displays Supplier Products
Our UI will allow the user to select various filter criteria and use that to delete a number of products at once.
The problem is that it takes too long do do a few thousand individual HTTP delete requests:
DELETE /api/supplier/6/products/5
DELETE /api/supplier/6/products/7
DELETE /api/supplier/6/products/8
DELETE /api/supplier/6/products/10
...
The intention is to make one HTTP call to delete a bunch of supplier products at once. I can pass a body to the delete so that it contains a list of all the ID's that we would like to delete:
DELETE /api/supplier/6/products
Body:
{
"DeleteIds": "[5,7,8,10]"
}
This worked well until we put it behind our production proxy firewall which stripped the body from the DELETE request.
I have had a look at the HTTP Spec RFC 2616 Fielding, et al. and it doesn't explicity state that I shouldn't use a body in a DELETE request and further reading has shown that there isn't anything wrong with sending a body with a DELETE request.
I have control over our proxy server and have been able to allow the body to be passed through for all requests, but I worry that this may not be best practise. We could have thousands of Id's that we pass through and I don't want to us headers or URL parameters as we could run up against length restrictions.
So my question is: What would be the correct way to do a Delete for multiple products using the body of a request? Not just an opinion, but is there actual documented evidence out there for as to why I should not use the body of a HTTP DELETE?
Should I continue with
DELETE /api/supplier/6/products (Using a body)
or should not use DELETE with a body and instead do a POST to something like
POST /api/supplier/6/products/deletemultiple
Edit: There is some good debate in this question: Restful way for deleting a bunch of items It doesn't address my question about using the body of a DELETE request for a custom delete action, but there is some good debate on different ways that a batch delete can happen.
I've done both, and when I want to pass several items to a delete action I use a POST
and just have an int[]
as the parameter, but I make sure that the URL I am calling is very explicit since I'm using configuration over convention: i.e:
/api/products/DeleteAllById
If I am deleting individual items, then I will use DELETE
.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With