12
10Dev
3y

The fucking US Congressional website decided it was good design to straight up have JSON in the fucking URL.

Why

Comments
  • 2
    I mean that’s not too bad as long as they sanitise it when parsing it
  • 2
    It makes sense in my opinion.

    Eg. Open API 2 does this.

    After all, arrays are cumbersome as an query parameter and objects not possible.

    JSON is a defined standard, encoding is set, can be safely en -/ decoded to URI and allows notion of objects / arrays / ...

    There's really nothing bad here, quite the opposite - it's a good thing they did it.
  • 1
    I understand their point actually. Instead of having to get each parameters ect they just deserialize the query param and they're done.
  • 7
    Chrome limits url size to 2Mb (2048 characters). In most cases this should be enough but it’s something to bear in mind…
  • 3
    @black-kite

    Technically I think there is no limit defined, but for the whole URL many assume 2048 chars (encoded), for single query parameter 1024 chars.

    After all, it depends on the browser and server implementation. Though it's greatly disrecommended to pass sensitive or lengthy information via query parameters. Request body is a far better fit...
  • 0
  • 2
    @IntrusionCM this guy summed it up for me.

    https://stackoverflow.com/a/812962

    Each browser is different, so if we cater for the lowest available then we end up with 2048 as per IE standards.

    Although I think he got it wrong for chrome as their own docs - under url length state 2048.

    https://chromium.googlesource.com/c...
  • 2
    As they need JavaScript to request search results from the server, they already failed hard enough to make everything else irrelevant...

    But if you can't do the simplest frontend without JavaScript, then straight putting JSON into URLs actually is the logical thing to do.
Add Comment