HTTP PUT Method

The HTTP PUT method is used to update an existing resource on the server. Typically, the PUT method replaces an existing resource on the server, while the POST method creates or adds a resource on the server. Unlike GET and HEAD requests, the PUT requests may change the server state.

You can send data to the server in the body of the HTTP PUT message. The type and size of data are not limited. But you must specify the data type in the Content-Type header and the data size in the Content-Length header fields. You can also send data to the server using URL parameters. In this case, you are limited to the maximum size of the URL, which is about 2000 characters (depends on the browser).

The PUT method is defined as idempotent, which means that multiple identical PUT requests should have the same effect as a single request.

The following example demonstrates sending a PUT request to the server:

PUT Request Example Live Request
PUT /echo/put/json HTTP/1.1
Authorization: Bearer mt0dgHmLJMVQhvjpNXDyA83vA_PxH23Y
Accept: application/json
Content-Type: application/json
Content-Length: 85
Host: reqbin.com

{
  "Id": 12345,
  "Customer": "John Smith",
  "Quantity": 1,
  "Price": 10.00
}

And the server response:

Server Response
HTTP/1.1 200 OK
Content-Length: 19
Content-Type: application/json

{"success":"true"}


Some notes on PUT requests:
  • PUT requests are never cached
  • PUT requests do not remain in the browser history
  • PUT requests cannot be bookmarked

GET vs PUT

GET PUT
Browser BACK button/Reload Harmless Data will be re-submitted (the browser should alert the user that the data are about to be re-submitted)
Bookmarked Can be bookmarked Cannot be bookmarked
Cached Can be cached Not cached
History Parameters remain in browser history Parameters are not saved in browser history
Restrictions on data length Yes, when sending data, the GET method adds the data to the URL; and the length of a URL is limited (maximum URL length is 2048 characters) No restrictions
Restrictions on data type Only ASCII characters allowed No restrictions. Binary data is also allowed
Security GET is less secure compared to PUT because data sent is part of the URL

Never use GET when sending passwords or other sensitive information!
Visibility Data is visible to everyone in the URL Data is not displayed in the URL

POST vs PUT

The fundamental difference between the POST and PUT requests is reflected in the different meaning of the Request-URI. The URI in a POST request identifies the resource that will handle the enclosed entity. In contrast; the URI in a PUT request identifies the entity enclosed with the request. Practically speaking, POST is used to append a resource to an existing collection, while PUT is used to update an existing resource.

To read more about HTTP PUT method please check RFC2616.