RESTful web service in salesforce

Hello Madhulika,

As HTTP URL paths are used as a part of RESTful web service, so they need to be secured. Some of the best practices include the following

• Perform validation of all inputs on the server from SQL injection attacks.
• Perform user’s session based authentication whenever a request is made.
• Never use sensitive data like username, session token password, etc through URL. These should be passed via POST method.
• Methods like GET, POST, PUT, DELETE, etc should be executed with proper restrictions.
• HTTP generic error message should be invoked wherever required.

Thanks.

RESTful web services are built to work best on the Web. Representational State Transfer (REST) is an architectural style that specifies constraints, such as the uniform interface, that if applied to a web service induce desirable properties, such as performance, scalability, and modifiability, that enable services to work best on the Web. In the REST architectural style, data and functionality are considered resources and are accessed using Uniform Resource Identifiers (URIs), typically links on the Web. The resources are acted upon by using a set of simple, well-defined operations. The REST architectural style constrains an architecture to a client/server architecture and is designed to use a stateless communication protocol, typically HTTP. In the REST architecture style, clients and servers exchange representations of resources by using a standardized interface and protocol.

Features of RESTful Services:

Representations
Messages
URIs
Uniform interface
Stateless
Links between resources
Caching