FHIR Chat · Trailing slash at resource endpoints · implementers

Stream: implementers

Topic: Trailing slash at resource endpoints

view this post on Zulip Ken Sinn (May 08 2020 at 19:10):

Hi all,
Wondering if there has been any general guidance on handling of trailing slashes at a FHIR resource endpoint.
"http://[base]/Practitioner/" -- is this considered:
1) bad syntax resulting in a 400 (unable to interpret intent of request)
2) missing resource id (assumes the intent was [base]/Practitioner/134 but id was left off)
3) 404 (similar to missing resource id)
4) some other behaviour?

view this post on Zulip Lloyd McKenzie (May 08 2020 at 19:15):

@Josh Mandel @Grahame Grieve

view this post on Zulip Ken Sinn (May 08 2020 at 19:21):

I believe the HAPI implementation drops the forward slash and interprets it as "[base]/Practitioner" i.e. a request for all resources at the endpoint. http://hapi.fhir.org/baseR4/Patient/

view this post on Zulip Grahame Grieve (May 08 2020 at 19:41):

so does test.fhir.org

view this post on Zulip Grahame Grieve (May 08 2020 at 19:41):

and I think it's the least unreasonable behavior

view this post on Zulip Vassil Peytchev (May 08 2020 at 20:02):

Should it be codified as required, or at least preferred behavior?

view this post on Zulip Grahame Grieve (May 08 2020 at 23:56):

yes it probably should be clarified

view this post on Zulip Lloyd McKenzie (May 08 2020 at 23:57):

Change request anyone? :)

view this post on Zulip Ken Sinn (May 11 2020 at 13:59):

I can create the CR. Is the guidance that a trailing forward slash should be dropped, and interpreted as above? Is the guidance that this is a preferred behaviour, rather than a Must?

view this post on Zulip Lloyd McKenzie (May 11 2020 at 19:37):

It's certainly preferred. I'm not sure we can make it SHALL anymore

view this post on Zulip Ken Sinn (May 11 2020 at 21:43):

Are there any conformance rules requiring a server return all Patient resources against an "http://hapi.fhir.org/baseR4/Patient" endpoint (or your insert your favourite resource)? I'm trying to scour through the HTTP and Search pages, and while that's the typical behaviour, i.e. a criteria-less search (as seen on many test servers), we would like to return an HTTP error, due to potential privacy concerns.

view this post on Zulip Michele Mottini (May 11 2020 at 21:45):

No, there is no such rule. Most 'real' servers reject those kind of requests

view this post on Zulip Ken Sinn (May 11 2020 at 21:56):

What is the typical error returned for such requests? 400 Bad request (poor syntax), 403 Forbidden, 405 Method Not Allowed, 422 Unprocessable Entity?

view this post on Zulip Grahame Grieve (May 12 2020 at 00:23):

I would recommend 422 - it's a business rule that you don't support a search like that

view this post on Zulip Ken Sinn (May 13 2020 at 18:22):

CR created - https://jira.hl7.org/browse/FHIR-27113
Could the expected behaviour of "http://[base]/[resourceType]" also be clarified, along with the recommendation of "422" as noted above for most production implementations? Should this be a separate CR, or appended as a comment to the CR above?

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -