RFC 9110Lane E · APIs + AgentsFREE

REST API

REST over HTTP — the workhorse of web APIs. The animation shows a request-response cycle with the request header chip distinct from the response body chip (response body chip is wider). Server processing gap visible between request and response.

Animation

Header bytes

Body bytes

Engineering pitfalls

Idempotency on POST without idempotency keys

POST is not idempotent by HTTP semantics. If your client retries on timeout, you may create duplicate resources. Use an `Idempotency-Key` header (Stripe pattern) so server can dedupe.

Pagination cursor instability

Offset-based pagination breaks when items insert during traversal. Use cursor-based pagination (last-seen ID or timestamp) for stable streams.

CORS preflight on every state-changing request

Browsers send an OPTIONS preflight before non-simple requests. Cache the preflight response (Access-Control-Max-Age) to avoid 2× round trips on every API call.

References

Primary sources

RFC 9110 — HTTP Semantics.
RFC 9111 — HTTP Caching.
Fielding, R. — Architectural Styles and the Design of Network-based Software Architectures (2000 dissertation, REST origin).