HTTP Just Got Its First New Method In 20 Years

You have likely done this before.

You need to search for products. Your search filters are too large for a URL. To fix this, you use a POST request.

It works. But it is a lie. You tell HTTP that you are changing data when you are only reading it.

In June 2026, the IETF published RFC 10008. It defines a new HTTP method called QUERY. This is the first new method in over two decades. It solves the exact problem mentioned above.

The Current Problem

GET is great for reading data. It is safe and cacheable. But it cannot carry a request body. URLs also have character limits.

POST carries a body. But HTTP assumes POST changes state. This means you lose automatic caching and safe retries. If a POST request times out, you cannot simply retry it. You do not know if the server already changed something.

The Solution: QUERY

QUERY is a GET request with a body. It provides two guarantees:

  • It is safe. It does not modify data.
  • It is idempotent. Sending it twice gives the same result as sending it once.

How to use it today

You can use this right now with Axios or Fetch.

Axios example:

axios.request({ method: 'QUERY', url: '/api/products', data: { category: 'shoes', maxPrice: 100 } })

Fetch example:

fetch('/api/products', { method: 'QUERY', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ category: 'shoes', maxPrice: 100 }) })

What to expect next

The transition will not happen overnight. Here is the roadmap:

  • Infrastructure: Nginx and Apache will pass these requests. You may need to update your WAF or security rules to allow the QUERY method.
  • Frameworks: Expect Spring, Rails, and Express to add native support throughout 2026 and 2027.
  • CDNs: Since engineers from Cloudflare and Akamai helped write this, expect fast CDN support. This makes caching much easier.

Why this matters for your code

  1. Automatic Retries: Since QUERY is idempotent, mobile apps and clients can retry failed requests safely.
  2. Better Caching: CDNs can cache QUERY responses based on the body. You can delete your hand-rolled Redis cache layers.
  3. Cleaner URLs: You no longer need to jam complex JSON into URL query parameters.
  4. Semantic APIs: Your API documentation becomes clearer. Developers will know exactly which endpoints read data and which ones write data.

Prepare your team by auditing your current POST endpoints. Identify which ones only read data. Those are your future QUERY endpoints.

Source: https://dev.to/andresclua/http-just-got-its-first-new-method-in-20-years-heres-why-you-should-care-2h5p