Why is it considered to be bad practice to send HTTP request metadata in the JSON payload request body itself instead of using a request header?

The resource “operation” is composed of an action, a product and a price. When creating a new operation, you then need to pass an action, a product and a price.

The token isn’t part of an operation though: it’s metadata that needs to be sent alongside the request for security purposes. Technically, you don’t need a token to create an operation.

Making the body of the HTTP requests and responses hold a representation of the resource(s) being dealt with produces an arguably more elegant API, closer to what REST is all about: resources.

Even on the backend side, it should allow you to share DTOs across your request handlers. Most frameworks deal with security via some kind of HTTP filter, leaving your request handlers very business-focused (as they should be).
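The split described above, as an added example that is not part of the original answer: a filter authenticates from the `Authorization` header, and the handler only ever sees the operation DTO. All names (`Operation`, `require_bearer`, `create_operation`) and the token value are hypothetical, and the plain-dict headers stand in for a framework's request object.

```python
import hmac
import json
from dataclasses import dataclass, asdict

# Constructed demo secret; a real service would check its auth backend instead.
VALID_TOKEN = "demo-token-123"


@dataclass(frozen=True)
class Operation:
    """DTO: exactly the resource representation, no transport metadata."""
    action: str
    product: str
    price: float


def require_bearer(handler):
    """Filter: authenticates from the header before the handler runs."""
    def filtered(headers, body):
        # Simplification: real frameworks match header names case-insensitively.
        scheme, _, token = headers.get("Authorization", "").partition(" ")
        ok = scheme == "Bearer" and hmac.compare_digest(
            token.encode(), VALID_TOKEN.encode())  # constant-time comparison
        if not ok:
            return 401, {"error": "unauthorized"}
        return handler(body)  # the token is not passed any further
    return filtered


@require_bearer
def create_operation(body):
    """Business-only handler: parses the body straight into the DTO."""
    try:
        op = Operation(**json.loads(body))
    except (TypeError, ValueError):
        # Malformed JSON, missing fields, or extra keys such as "token".
        return 400, {"error": "body must be an operation"}
    return 201, asdict(op)
```

Because the body maps one-to-one onto the DTO, a stray `token` key in the payload is rejected as an unknown field rather than silently accepted as a credential.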
