The IETF has published RFC 10008, introducing the HTTP QUERY method, a new standardized verb intended for complex read-only operations that require a request body. Across the coverage, the problem is described as a longstanding tradeoff in API design: GET is safe and cacheable but relies on URI query parameters, which become unwieldy and can hit practical length and encoding limits; POST can carry structured payloads but does not signal that the operation is read-only and is typically not cacheable or reliably retryable in the same way. QUERY is positioned as a “third option” that combines body support with safe, idempotent semantics like GET, and it is described as cacheable by intermediaries when used correctly.

The sources emphasize that QUERY and POST can look identical at the message-body level, but the method name carries the meaning. They also note operational details such as the need for Content-Type validation, the role of request-body-inclusive cache keys, and header semantics for indicating query results versus the query itself. Adoption is described as limited by ecosystem support: browsers’ CORS behavior, WAF and gateway method allowlists, and CDN/proxy caching logic may reject or mishandle unknown methods until infrastructure updates. Overall, QUERY is presented as a standardized solution, with production use likely pending stack readiness.