Open RaySinnema opened 8 years ago
Would you mind elaborating on what the context of the problem is? HAL is not supposed to be received by the server but a reading format.
Where does it say that HAL can only be used as input?
This post from Mike Kelly seems to imply that HAL can be used for sending data to the server: https://groups.google.com/d/msg/hal-discuss/54greBxUWLQ/Xurqipg36gEJ
Well on the face of things, when you receive a HAL document as your input, what if the "self" link points to a different URI than was sent out? Would that mean to overwrite a different record? The same can be said for any other links.
I can imagine the following sequence:
What would you expect to happen? Replace the record's "id" (which is 2) with 1, which might generate a constraint violation? If order 2 was linked to a customer, should it remap it to a different customer? Every relationship in that resource could blasted in what might be a typo from the user. Could also be viewed as a security hole.
By instead requiring PUTs to actually rewrite the relationships directly, the user is forced to consciously update such links, not accidentally slipped through _links.
This is a fairly common problem that we see in most of our APIs, whether they use HAL or not. There are several solutions to the problem; the easiest one is probably to declare _links
as read-only and thus completely ignore it when processing requests.
We do that to allow clients to GET
a representation, update something and then PUT
it back without bothering to remove read-only properties. It's an application of the principle of "be conservative in what you send, be liberal in what you accept".