Method Overriding

RESTful services allow clients to act on resources through methods such as GET, POST, PUT, DELETE, and so on. GET and POST are the most frequently used methods. Most corporate firewalls allow the typical port of HTTP. However, some do have restrictions on the HTTP methods allowed. GET and POST are very common, but others such as DELETE can be disallowed. The X-HTTP-Method-Override header can help you work around this problem. A typical solution involving this header is to send X-HTTP-Method-Override in the request with the actual verb intended (DELETE or PUT) and submit the request using POST; that is, the request line with the dummy POST verb tricks the firewall into allowing the request. In ASP.NET Web API, a message handler, such as the one shown in Listing 4-2, can replace POST with the method specified in X-HTTP-Method-Override. The message handler runs early in the pipeline and is the best extensibility point for this purpose.
Request line:
    GET /home.html HTTP/1.1
Request headers:
    Accept: text/html
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
    Host: server.com
    [Blank line indicating the end of request headers]

Figure 4-4. Request message
Chapter 4: HTTP Anatomy and Security
Listing 4-2. Method Override
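    using System;
    using System.Linq;
    using System.Net.Http;
    using System.Threading;
    using System.Threading.Tasks;

    public class MethodOverrideHandler : DelegatingHandler
    {
        protected override async Task<HttpResponseMessage> SendAsync(
            HttpRequestMessage request, CancellationToken cancellationToken)
        {
            // Only a POST request may carry an override.
            if (request.Method == HttpMethod.Post &&
                request.Headers.Contains("X-HTTP-Method-Override"))
            {
                var method = request.Headers.GetValues("X-HTTP-Method-Override").FirstOrDefault();

                bool isPut = String.Equals(method, "PUT", StringComparison.OrdinalIgnoreCase);
                bool isDelete = String.Equals(method, "DELETE", StringComparison.OrdinalIgnoreCase);

                // Only PUT and DELETE are accepted as override values.
                if (isPut || isDelete)
                {
                    request.Method = new HttpMethod(method);
                }
            }

            return await base.SendAsync(request, cancellationToken);
        }
    }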
To test the preceding MethodOverrideHandler, you will need a tool like Fiddler, covered in depth later in this chapter. Fiddler is useful for capturing and analyzing HTTP traffic. It also lets you hand-code a request complete with request headers and send it to an endpoint with an HTTP method of your choice. Figure 4-5 illustrates how you can make a POST request with an X-HTTP-Method-Override header set to PUT. If MethodOverrideHandler is plugged into the pipeline by making an entry in the WebApiConfig.cs file under App_Start, this request invokes the PUT action method in the controller instead of POST.
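The handler's boundaries can also be checked without Fiddler. The console program below is an added example, not code from the book: it repeats the logic of Listing 4-2 so that it compiles on its own, and sends three constructed requests through it. EchoMethodHandler, Probe and the request URL are hypothetical names introduced for the illustration.

```csharp
using System;
using System.Linq;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;

// Same logic as Listing 4-2, repeated so this file compiles on its own.
public class MethodOverrideHandler : DelegatingHandler
{
    protected override async Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken cancellationToken)
    {
        if (request.Method == HttpMethod.Post && request.Headers.Contains("X-HTTP-Method-Override"))
        {
            var method = request.Headers.GetValues("X-HTTP-Method-Override").FirstOrDefault();
            if (String.Equals(method, "PUT", StringComparison.OrdinalIgnoreCase) ||
                String.Equals(method, "DELETE", StringComparison.OrdinalIgnoreCase))
                request.Method = new HttpMethod(method);
        }
        return await base.SendAsync(request, cancellationToken);
    }
}

// Hypothetical stand-in for the rest of the pipeline: echoes the method it receives.
public class EchoMethodHandler : HttpMessageHandler
{
    protected override Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken cancellationToken)
    {
        return Task.FromResult(new HttpResponseMessage { Content = new StringContent(request.Method.Method) });
    }
}

public static class Program
{
    // Sends one request with the override header and returns the method seen downstream.
    static string Probe(HttpMessageInvoker invoker, HttpMethod verb, string overrideValue)
    {
        var request = new HttpRequestMessage(verb, "http://server.com/api/items/1"); // constructed URL
        request.Headers.Add("X-HTTP-Method-Override", overrideValue);
        var response = invoker.SendAsync(request, CancellationToken.None).Result;
        return response.Content.ReadAsStringAsync().Result;
    }
    public static void Main()
    {
        var invoker = new HttpMessageInvoker(new MethodOverrideHandler { InnerHandler = new EchoMethodHandler() });
        Console.WriteLine(Probe(invoker, HttpMethod.Post, "PUT"));   // allowlisted override on a POST
        Console.WriteLine(Probe(invoker, HttpMethod.Post, "TRACE")); // override value outside PUT/DELETE
        Console.WriteLine(Probe(invoker, HttpMethod.Get, "DELETE")); // override header on a non-POST request
    }
}
```

Each printed line is the method the downstream handler received, which shows that only a POST carrying PUT or DELETE is rewritten and every other combination passes through with its original verb.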
HTTP Response

The HTTP response has the status line as the first line of the response. As shown in Figure 4-6, the status line starts with the HTTP version, followed by a space, followed by the status code and a space, and then the reason phrase. The request line is terminated by a CR and an LF character.
Figure 4-5. Fiddler Composer