HTTP QUERY Explained: Safe Requests That Include a Body 0 ▲ Funky Si's Blog 3 hours ago · 8 min read1661 words · Tech · hide · 0 comments For years, API designers have had an awkward choice when a search got too complex for a URL. Stuff it into a GET query string and hit practical URI length limits, or send a body with POST and pretend a read-only filter is a write. Neither option felt right. In June 2026 the IETF published RFC 10008 , which defines QUERY — a new HTTP method that is safe and idempotent like GET, but carries request content like POST. That long-standing gap finally has a standard answer. The problem QUERY solves GET is the right semantic for “please return something, and I am not asking you to change state.” It is safe, idempotent, and cacheable. The catch is where the input lives: in the URI. Complex filters, GraphQL-style documents, Elasticsearch queries, or large multi-field search payloads do not always fit comfortably in a URL. RFC 9110 suggests supporting request targets of at least 8,000 octets, but browsers, proxies, and gateways vary — and overflowing those limits is a practical failure, not a… No comments yet. Log in to reply on the Fediverse. Comments will appear here.