Reflections on the REST Architectural Style and “Principled Design of the Modern Web Architecture”

Roy T. Fielding Adobe Richard N. Taylor University of California, Irvine Justin R. Erenkrantz Bloomberg Michael M. Gorlick University of California, Irvine Jim Whitehead University of California, Santa Cruz Rohit Khare Google Peyman Oreizy Dynamic Variable LLC Outline

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 2 Original proposal for the World Wide Web

IBM Computer GroupTalk conferencing

Hyper for example Card uucp News ENQUIRE VAX/ NOTES Hierarchical systems

for example for example unifies A Proposal Linked "Mesh" CERNDOC information describes

describes includes includes C.E.R.N This describes document division "Hypertext"

refers group group includes describes to wrote

section

Hypermedia etc Tim Comms Berners-Lee ACM

[Berners-Lee, 1989]

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 3 The Web is an application integration system

IBM Computer GroupTalk conferencing

Hyper for example Card uucp News ENQUIRE VAX/ NOTES Hierarchical systems

for example for example unifies A Proposal Linked "Mesh" CERNDOC information describes

[Berners-Lee, 1989]

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 4 describes includes includes C.E.R.N This describes document division "Hypertext"

refers group group includes describes to wrote

section

Hypermedia etc Tim Comms Berners-Lee ACM

A bit of context 23,517 Aug 2017: 1,800,566,882 (76,564x)

10,022

2,738

623 130 Jun 93 Dec 93 Jun 94 Dec 94 Jun 95 Public WWW servers [Matthew Gray]

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 5 A bit of context 23,517 Aug 2017: 1,800,566,882 (76,564x) Using the Web

HTTP editor

Relative URLs

wwwstat

10,022

SJ IETF

Conditional GET 2nd WWW

2,738

1st WWW HTTP Object Model 623 130 Jun 93 Dec 93 Jun 94 Dec 94 Jun 95 Public WWW servers [Matthew Gray]

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 5 Three (very different) perspectives of the Web

http://www.w3.org/TR/html4/

next table of contents elements attributes index Network Working Group R. Fielding Request for Comments: 2068 UC Irvine Category: Standards Track J. Gettys J. C. Mogul DEC H. Frystyk T. Berners-Lee HTML 4.01 Specification MIT/LCS January 1997 W3C Recommendation 24 December 1999

This version: http://www.w3.org/TR/1999/REC-html401-19991224 (plain text [794Kb], gzip'ed tar archive of HTML files [371Kb], a .zip archive of HTML files [405Kb], gzip'ed Postscript file [746Kb, 389 pages], gzip'ed PDF file [963Kb]) Hypertext Transfer Protocol -- HTTP/1.1 Latest version of HTML 4.01: http://www.w3.org/TR/html401 Latest version of HTML 4: Status of this Memo http://www.w3.org/TR/html4 file://localhost/Users/fielding/ws/labs-webarch/uri/rfc/rfc3986.html This document specifies an Internet standards track protocol for the Internet community, and requests Latest version of HTML: discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official http://www.w3.org/TR/html Previous version of HTML 4.01: Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this Network Working Group T. Berners-Lee http://www.w3.org/TR/1999/PR-html40-19990824 memo is unlimited. Previous HTML 4 Recommendation: Request for Comments: 3986 W3C/MIT http://www.w3.org/TR/1998/REC-html40-19980424 Obsoletes: 2732, 2396, 1808 R. Fielding Editors: STD: 66 AbstractDay Software Dave Raggett Updates: 1738 The Hypertext TranLs.f eMr aPsrionttoecro l (HTTP) is an application-level protocol for distributed, collaborative, Arnaud Le Hors, W3C Category: Standards Track Adobe Systems Ian Jacobs, W3C hypermedia information systems. It is a generic, stateless, object-oriented protocol which can be used for many tasks, such Jaasn nuaamrye 2se0r0v5e rs and distributed object management systems, through extension of its Copyright ©1997-1999 W3C® (MIT, INRIA, Keio), All Rights Reserved. W3C liability, trademark, document use request methods. A feature of HTTP is the typing and negotiation of data representation, allowing systems and software licensing rules apply. to be built independently of the data being transferred. Uniform Resource IdentHifTiTeP rha s( bUeenR inI u)se: b y the World-Wide Web global information initiative since 1990. This specification Abstract Generic Syntadxefines the protocol referred to as “HTTP/1.1”. This specification defines the HyperText Markup Language (HTML), the publishing language of the World Wide Web. This specification defines HTML 4.01, which is a sSubtvaertsuions o of HfT tMhL i4s. I nM adedmitioon to the text, multimedia, and hyperlink features of the previous versions of HTML (HTML 3.2 [HTML32] and HTML 2.0 [RFC1866]), HTML 4 supports more multimedia options, Thisscrip tdocumenting langua gspecifieses, style an Internet standards track protocol for the Internet community, sheets, better printing facilities, and documents that are more accessiblea tnod u rseeqrsu ewsiths ddiissacbuislistiieosn. and suggestions for improvements. Please refer to the current HTML 4 also takes great strides towards the internationalization of documedenittiso,n w oitfh tthe g“Ionatl eorfn meta kOinffgicial Protocol Standards” (STD 1) for the standardization state the Web truly World Wide. and status of this protocol. Distribution of this memo is unlimited.

HTML 4 is an SGML application conforming to International StandardC ISoOp 8y87r9i g-- hSta nNdaordtice Generalized Markup Language [ISO8879]. Copyright © The Internet Society (2005). All Rights Reserved. Status of this document Abstract This section describes the status of this document at the time of its publication. Other documents may Information supersede this document. The latest status of this document series is mAai nUtaniinfoerdm a tR theeso Wur3cCe. Identifier (URI) is a compact sequence of characters that identifies an abstract or physical resource. This specification defines the generic URI syntax and a process for resolving URI references that might be in relative form, along with guidelines and security considerations for the use of URIs on the Internet. The URI syntax defines a grammar that is a superset of all valid URIs, allowing an implementation to parse the common components of a URI reference without knowing the scheme-specific requirements of every p4/o2s/0s8ib 1le2 :i0d9e AntMifier. This specification does not define a generative grammar for URIs; that task is performed by the individual specifications of each URI scheme.

Fielding, et al Standards Track [Page 1] Browsers Protocols

4/2/08 12:16 AM

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 6 Web Implementation (user view)

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 7 Web Implementation (origin view)

Intermediary Proxy Cache

User Agents Webservers/Gateways Application Servers Accelerator Cache Dynamic Content Centralized Data RDBMS, NFS, SAN

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 8 Web Architecture

Architecture is a vertical abstraction on implementation

User Agents $ $

$ Proxies Gateways Origin Servers

$ $ $

$ $

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 9 Web Architecture

Web protocols defne that vertical abstraction on implementation http://www.w3.org/TR/html4/

This version: http://www.w3.org/TR/1999/REC-html401-19991224 (plain text [794Kb], gzip'ed tar archive of HTML files [371Kb], a .zip archive of HTML files [405Kb], gzip'ed Postscript file [746Kb, 389 pages], gzip'ed PDF file [963Kb]) Hypertext Transfer Protocol -- HTTP/1.1 Latest version of HTML 4.01: http://www.w3.org/TR/html401 Latest version of HTML 4: Status of this Memo http://www.w3.org/TR/html4 file://localhost/Users/fielding/ws/labs-webarch/uri/rfc/rfc3986.html This document specifies an Internet standards track protocol for the Internet community, and requests Latest version of HTML: discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official http://www.w3.org/TR/html Previous version of HTML 4.01: Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this Network Working Group T. Berners-Lee http://www.w3.org/TR/1999/PR-html40-19990824 memo is unlimited. Previous HTML 4 Recommendation: Request for Comments: 3986 W3C/MIT http://www.w3.org/TR/1998/REC-html40-19980424 Obsoletes: 2732, 2396, 1808 R. Fielding Editors: STD: 66 AbstractDay Software Dave Raggett Updates: 1738 The Hypertext TranLs.f eMr aPsrionttoecro l (HTTP) is an application-level protocol for distributed, collaborative, Arnaud Le Hors, W3C Category: Standards Track Adobe Systems Ian Jacobs, W3C hypermedia information systems. It is a generic, stateless, object-oriented protocol which can be used for many tasks, such Jaasn nuaamrye 2se0r0v5e rs and distributed object management systems, through extension of its Copyright ©1997-1999 W3C® (MIT, INRIA, Keio), All Rights Reserved. W3C liability, trademark, document use request methods. A feature of HTTP is the typing and negotiation of data representation, allowing systems and software licensing rules apply. to be built independently of the data being transferred. Uniform Resource IdentHifTiTeP rha s( bUeenR inI u)se: b y the World-Wide Web global information initiative since 1990. This specification Abstract Generic Syntadxefines the protocol referred to as “HTTP/1.1”. This specification defines the HyperText Markup Language (HTML), the publishing language of the World Wide Web. This specification defines HTML 4.01, which is a sSubtvaertsuiosn oof Hf TtMhLi 4s. InM aeddmitioon to the text, multimedia, and hyperlink features of the previous versions of HTML (HTML 3.2 [HTML32] and HTML 2.0 [RFC1866]), HTML 4 supports more multimedia options, Thisscrip documentting langua gspecifieses, style an Internet standards track protocol for the Internet community, sheets, better printing facilities, and documents that are more accessiblea ntod urseeqrus ewsittsh disacubsilistieosn. and suggestions for improvements. Please refer to the current HTML 4 also takes great strides towards the internationalization of documedeintitos,n w oitfh t thhee “gIonatle ornf meta Okifnfgicial Protocol Standards” (STD 1) for the standardization state the Web truly World Wide. and status of this protocol. Distribution of this memo is unlimited.

HTML 4 is an SGML application conforming to International StandardC IoSOp 8y8r7i9g --h Sta nNdaordtice Generalized Markup Language [ISO8879]. Copyright © The Internet Society (2005). All Rights Reserved. Status of this document Abstract This section describes the status of this document at the time of its publication. Other documents may supersede this document. The latest status of this document series is mAa inUtnaiifnoerdm a tR tehseo Wur3cCe .Identifier (URI) is a compact sequence of characters that identifies an abstract or physical resource. This specification defines the generic URI syntax and a process for resolving URI references that might be in relative form, along with guidelines and security considerations for the use of URIs on the Internet. The URI syntax defines a grammar that is a superset of all valid URIs, allowing an implementation to parse the common components of a URI reference without knowing the scheme-specific requirements of every p4o/2s/s0i8b l1e2 :i0d9e nAtMifier. This specification does not define a generative grammarProtocols for URIs; that task is performed by the individual specifications of each URI scheme.

Fielding, et al Standards Track [Page 1]

4/2/08 12:16 AM

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 10 So, which one is the Web?

http://www.w3.org/TR/html4/

This version: http://www.w3.org/TR/1999/REC-html401-19991224 (plain text [794Kb], gzip'ed tar archive of HTML files [371Kb], a .zip archive of HTML files [405Kb], gzip'ed Postscript file [746Kb, 389 pages], gzip'ed PDF file [963Kb]) Hypertext Transfer Protocol -- HTTP/1.1 Latest version of HTML 4.01: http://www.w3.org/TR/html401 Latest version of HTML 4: Status of this Memo http://www.w3.org/TR/html4 file://localhost/Users/fielding/ws/labs-webarch/uri/rfc/rfc3986.html This document specifies an Internet standards track protocol for the Internet community, and requests Latest version of HTML: discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official http://www.w3.org/TR/html Previous version of HTML 4.01: Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this Network Working Group T. Berners-Lee http://www.w3.org/TR/1999/PR-html40-19990824 memo is unlimited. Previous HTML 4 Recommendation: Request for Comments: 3986 W3C/MIT http://www.w3.org/TR/1998/REC-html40-19980424 Obsoletes: 2732, 2396, 1808 R. Fielding Editors: STD: 66 AbstractDay Software Dave Raggett Updates: 1738 The Hypertext TranLs.f eMr aPsrionttoecro l (HTTP) is an application-level protocol for distributed, collaborative, Arnaud Le Hors, W3C Category: Standards Track Adobe Systems Ian Jacobs, W3C hypermedia information systems. It is a generic, stateless, object-oriented protocol which can be used for many tasks, such Jaasn nuaamrye 2se0r0v5e rs and distributed object management systems, through extension of its Copyright ©1997-1999 W3C® (MIT, INRIA, Keio), All Rights Reserved. W3C liability, trademark, document use request methods. A feature of HTTP is the typing and negotiation of data representation, allowing systems and software licensing rules apply. to be built independently of the data being transferred. Uniform Resource IdentHifTiTeP rha s( bUeenR inI u)se: b y the World-Wide Web global information initiative since 1990. This specification Abstract Generic Syntadxefines the protocol referred to as “HTTP/1.1”. This specification defines the HyperText Markup Language (HTML), the publishing language of the World Wide Web. This specification defines HTML 4.01, which is a sSubtvaertsuions o of HfT tMhL i4s. I nM adedmitioon Information to the text, multimedia, and hyperlink features of the previous versions of HTML (HTML 3.2 [HTML32] and HTML 2.0 [RFC1866]), HTML 4 supports more multimedia options, Thisscrip tdocumenting langua gspecifieses, style an Internet standards track protocol for the Internet community, sheets, better printing facilities, and documents that are more accessiblea tnod u rseeqrsu ewsiths ddiissacbuislistiieosn. and suggestions for improvements. Please refer to the current HTML 4 also takes great strides towards the internationalization of documedenittiso,n w oitfh tthe g“Ionatl eorfn meta kOinffgicial Protocol Standards” (STD 1) for the standardization state the Web truly World Wide. and status of this protocol. Distribution of this memo is unlimited.

HTML 4 is an SGML application conforming to International StandardC ISoOp 8y87r9i g-- hSta nNdaordtice Generalized Markup Language [ISO8879]. Copyright © The Internet Society (2005). All Rights Reserved. Status of this document Abstract This section describes the status of this document at the time of its publication. Other documents may supersede this document. The latest status of this document series is mAai nUtaniinfoerdm a tR theeso Wur3cCe. Identifier (URI) is a compact sequence of characters that identifies an abstract or physical resource. This specification defines the generic URI syntax and a process for resolving URI references that might be in relative form, along with guidelines and security considerations for the use of URIs on the Internet. The URI syntax defines a grammar that is a superset of all valid URIs, allowing an implementation to parse the common components of a URI reference without knowing the scheme-specific requirements of every p4/o2s/0s8ib 1le2 :i0d9e AntMifier. This specification does not define a generative grammar for URIs; that task is performed by the individual specifications of each URI scheme.

Fielding, et al Standards Track [Page 1] Browsers Protocols

4/2/08 12:16 AM

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 11 So, which one is the Web?

All of them!

The Web is a World-Wide System: constantly running, always changing, anarchically accessed, and independently deployed.

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 12 Outline

1. The Story of REST § Early history of the Web § What REST is (and is not) § Contemporary influences 2. Work inspired by REST § Decentralization § Generalization § Secure computation 3. Reflections on REST § Investing in entrepreneurial students Roy T. Fielding. 2000. Architectural Styles and the Design of Network-based Software Architectures. Ph.D. Dissertation. University of California, Irvine, California, USA. § Role of Software Engineering research http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm Roy T. Fielding and Richard N. Taylor. 2000. Principled Design of the Modern Web Architecture. In Proceedings of the 22nd Int’l Conference on Software Engineering. IEEE, Limerick, Ireland, 407–416. Roy T. Fielding and Richard N. Taylor. 2002. Principled Design of the Modern Web Architecture. ESEC/FSE’17, September 8, 2017, Paderborn, Germany ACM Transactions on Internet Technology 2, 2 (May 2002), 115–150. HATEOAS????

•One of REST’s four architectural constraints •The constraint RESTafarians struggle most with BUT… •The MOST IMPORTANT one… since hypermedia applications are the POINT of REST!

Because What is REST Anyway?

• Representational State REST Transfer (REST) is a style of software architecture for has become a distributed hypermedia systems such as the World Wide Web BUZZWORD • Roy Fielding There’s nothing particularly wrong with that… looked at the Web unless you happen to be me… and saw that it was good or working with me

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 14

5 Architectural Styles

§ A horizontal abstraction across multiple architectures (vertical abstractions) § names a repeated architectural pattern Ionic Order § deﬁned by its design constraints § chosen for the properties they induce

§ REST is an architectural style § for network-based applications § to induce a speciﬁc set of architectural properties § that were desired for the World Wide Web

ESEC/FSE’17, September 8, 2017, Paderborn, Germany 15 REST is an accumulation of design constraints l a

y p e ro replicated r gr e am uniform interface d ma separated ble RR CS LS VM U i nt er pr m oc ed on-demand stateless es ia mobile simple si te ng visible $ CSS LCS COD

reliable shared extensible reusable cacheable scalable multi- C$SS LC$SS org. LCODC$SS REST

ESEC/FSE’17, September 8, 2017, Paderborn, Germany Figure 5-9. REST Deriva16tion by Style Constraints

the disadvantages) of the optional constraints when they are known to be in effect for some

realm of the overall system. For example, if all of the client software within an

organization is known to support Java applets [45], then services within that organization

can be constructed such that they gain the benefit of enhanced functionality via

downloadable Java classes. At the same time, however, the organization’s firewall may

prevent the transfer of Java applets from external sources, and thus to the rest of the Web

it will appear as if those clients do not support code-on-demand. An optional constraint

allows us to design an architecture that supports the desired behavior in the general case,

but with the understanding that it may be disabled within some contexts.

5.1.8 Style Derivation Summary

REST consists of a set of architectural constraints chosen for the properties they induce on

candidate architectures. Although each of these constraints can be considered in isolation,

describing them in terms of their derivation from common architectural styles makes it

85 REST is an accumulation of design constraints

Constraint l a