HTTP QUERY Method Adoption
RFC 10008 was published in June 2026. The spec exists. The question now is: where can you actually use QUERY today without something breaking along the way?
Short answer: it depends on how many intermediaries sit between your client and your server. The method itself works in more places than most people assume — the problem is the components in the middle that nobody updates.
“The problem with the internet is that there always will be components that are not going to get updated” — u/good_live, Reddit (130 upvotes)
This page documents the real state of support, no hype.
Adoption Table
Section titled “Adoption Table”Languages and Frameworks
Section titled “Languages and Frameworks”| Technology | Status | Notes | How to use |
|---|---|---|---|
| Go (net/http) | ✅ Works | Go 1.22+ accepts any method in ServeMux and http.NewRequest |
mux.HandleFunc("QUERY /path", handler) |
| Node.js (core) | ✅ Works | Native support added (issue #51562) — llhttp accepts QUERY | http.request({ method: 'QUERY', ... }) |
| Fastify | ✅ Via config | Not in default method list; requires registration with addHttpMethod |
fastify.addHttpMethod('QUERY'); fastify.route({ method: 'QUERY', ... }) |
| Express.js | ⚠️ Middleware | Express doesn’t block unknown methods, but has no native helper | app.all('/path', (req, res) => { if (req.method === 'QUERY') ... }) |
| NestJS | ⚠️ Workaround | Depends on HTTP adapter (Express/Fastify). No @Query() route decorator |
Custom decorator or middleware |
| Python (httpx) | ✅ Works | httpx.request() accepts any string as method |
httpx.request('QUERY', url, content=body) |
| Python (requests) | ✅ Works | requests.request() accepts arbitrary methods |
requests.request('QUERY', url, data=body) |
| Python (Flask) | ⚠️ Config | Must declare method explicitly on the route | @app.route('/path', methods=['QUERY']) |
| Python (Django) | ⚠️ Workaround | Class-based views need custom dispatch() |
Override dispatch or use middleware |
| Ruby on Rails | ⏳ Proposal open | Active proposal to add query routing helper |
Waiting for merge; today works via match via: :query |
| Spring Boot (Java) | ⚠️ Workaround | @RequestMapping has no RequestMethod.QUERY; needs extension |
No @QueryMapping — requires custom filter or HandlerMapping |
| ASP.NET Core | ⚠️ Workaround | No [HttpQuery] attribute; can use [AcceptVerbs("QUERY")] |
[AcceptVerbs("QUERY")] on controller action |
| PHP (native) | ✅ Works | $_SERVER['REQUEST_METHOD'] reports whatever method the web server forwards |
Works if the web server passes the request through |
| Rust (Actix Web) | ⚠️ Macro | Requires .route() with custom guard |
web::route().guard(guard::Method(Method::from_str("QUERY"))) |
| Rust (Hyper) | ✅ Works | http::Method accepts arbitrary extensions |
Method::from_bytes(b"QUERY") |
Servers and Proxies
Section titled “Servers and Proxies”| Technology | Status | Notes | How to use |
|---|---|---|---|
| Nginx | ⚠️ Passes through | Nginx forwards unknown methods to upstream without rejecting, but doesn’t optimize (no method-based caching). Extra module needed for caching | proxy_pass works. Cache: configure proxy_cache_methods manually |
| Caddy | ⚠️ Passes through | Similar to Nginx — forwards without blocking, no explicit QUERY cache support | reverse_proxy works natively |
| Apache httpd | ⚠️ Config | mod_proxy forwards, but Limit/LimitExcept may block if configured restrictively |
Remove LimitExcept restrictions if present |
| HAProxy | ⚠️ Depends | Current versions forward unknown methods by default. ACLs with method can filter |
acl is_query method QUERY works for routing |
| Envoy | ⚠️ Passes through | Doesn’t block unknown methods, but doesn’t apply safe/idempotent logic | Works as transparent proxy |
| Traefik | ⚠️ Passes through | Forwards without intervention; no special QUERY rules | Works as transparent proxy |
CDNs and Edge
Section titled “CDNs and Edge”| Technology | Status | Notes | How to use |
|---|---|---|---|
| Cloudflare Workers | ✅ Works | request.method returns any method; no blocklist |
if (request.method === 'QUERY') { ... } |
| Cloudflare CDN (cache) | ⏳ No cache | CDN doesn’t auto-cache responses to non-standard methods | Workers + Cache API for manual control |
| AWS CloudFront | ❌ May reject | CloudFront has a method allowlist (GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE). QUERY is not on it | Not supported without custom origin passthrough |
| AWS ALB | ⚠️ Uncertain | ALB may return 405 for unrecognized methods depending on configuration | Test first; may need NLB instead of ALB |
| Fastly | ⚠️ VCL config | Arbitrary method support via VCL, but no default caching | Custom VCL: if (req.method == "QUERY") { ... } |
| Vercel Edge | ✅ Works | Workers-based — accepts any method | request.method === 'QUERY' |
| Akamai | ⏳ Waiting | RFC co-author (Mark Bishop) is from Akamai. Native support expected | Monitor announcements |
Browsers and HTTP Clients
Section titled “Browsers and HTTP Clients”| Technology | Status | Notes | How to use |
|---|---|---|---|
| fetch API (all browsers) | ✅ Works | fetch() accepts any string in method |
fetch(url, { method: 'QUERY', body: ... }) |
| XMLHttpRequest | ✅ Works | .open() accepts arbitrary methods |
xhr.open('QUERY', url) |
| curl | ✅ Works | -X QUERY works. Daniel Stenberg (curl author) is already discussing native support with -d + QUERY |
curl -X QUERY -d '{"filter":"value"}' url |
| HTTPie | ✅ Works | Accepts arbitrary methods | http QUERY url field=value |
| Postman | ✅ Works | Method field accepts free text | Type “QUERY” in the method dropdown |
| Insomnia | ✅ Works | Same as Postman | Edit method manually |
Tools and Infrastructure
Section titled “Tools and Infrastructure”| Technology | Status | Notes | How to use |
|---|---|---|---|
| OpenAPI/Swagger | ⏳ No support | OpenAPI 3.1 spec doesn’t list QUERY as a valid operation | Waiting for spec update |
| gRPC-Web | ❌ N/A | Uses POST exclusively | — |
| GraphQL (transport) | ⏳ Possible | Would be the ideal transport for GraphQL query operations, but clients use POST/GET | Waiting for client adoption |
| Kong Gateway | ⚠️ Plugin | Rate-limit and auth plugins may not recognize QUERY as “safe” | Configure plugins to accept QUERY |
| API Gateways (generic) | ⚠️ Variable | Most block or ignore methods outside the standard list | Test individually |
What Can Go Wrong
Section titled “What Can Go Wrong”QUERY works end-to-end when every component between client and server accepts the method. In practice, several intermediaries can cause problems:
1. Firewalls and WAFs
Section titled “1. Firewalls and WAFs”Corporate firewalls and Web Application Firewalls often maintain an allowlist of HTTP methods. QUERY is not on that list. Result: 403 Forbidden or 405 Method Not Allowed silently.
2. Load Balancers with allowlists
Section titled “2. Load Balancers with allowlists”AWS ALB and Classic ELB return 405 for methods outside the standard list. If you’re on AWS, consider Network Load Balancer (NLB) which operates at layer 4 and doesn’t inspect the HTTP method.
3. CDNs that filter
Section titled “3. CDNs that filter”CloudFront explicitly lists which methods it accepts. If your CDN doesn’t recognize QUERY, the request never reaches your origin.
4. Corporate proxies
Section titled “4. Corporate proxies”In enterprise environments, HTTP proxies (Squid, Blue Coat, Zscaler) may reject unknown methods. Anything sitting between the browser and your server is a potential failure point.
5. Frameworks with allowlists
Section titled “5. Frameworks with allowlists”Spring Boot, Django, Rails — opinionated frameworks often have a closed list of accepted methods. If you don’t configure explicitly, the framework returns 405 before the request reaches your handler.
6. API Gateways
Section titled “6. API Gateways”Kong, AWS API Gateway, Apigee — most validate the HTTP method before routing. An unconfigured QUERY simply disappears.
7. Monitoring and Logging
Section titled “7. Monitoring and Logging”Tools like Datadog, New Relic, and Splunk may categorize QUERY as “unknown” or ignore metrics. Dashboards break silently.
Practical recommendation
Section titled “Practical recommendation”If you control the entire stack (client → server, no third-party intermediaries), you can use QUERY today. If there’s any component you don’t control in the path, test before assuming it works.
Realistic Timeline
Section titled “Realistic Timeline”The community is right to be skeptical about adoption speed. Let’s look at historical precedent:
Case study: HTTP PATCH (RFC 5789)
Section titled “Case study: HTTP PATCH (RFC 5789)”| Milestone | Date |
|---|---|
| First draft published | 2003 |
| RFC published | March 2010 |
| Rails support | ~2012 |
| Django REST Framework support | ~2013 |
| Spring support | ~2013 |
| Widespread use in APIs | ~2015–2016 |
| Universal support (CDNs, gateways, tools) | ~2018–2020 |
From RFC to widespread use: ~5–6 years. From RFC to universal support: ~8–10 years.
Projection for QUERY (RFC 10008)
Section titled “Projection for QUERY (RFC 10008)”| Phase | Estimate |
|---|---|
| RFC published | June 2026 ✅ |
| Major frameworks add native support | 2027–2028 |
| CDNs and load balancers recognize natively | 2028–2030 |
| OpenAPI includes in spec | 2027–2028 |
| Widespread use in public APIs | 2030–2032 |
| “Works everywhere without thinking” | 2033–2036 |
Why it might be faster than PATCH
Section titled “Why it might be faster than PATCH”- RFC authors are from Cloudflare and Akamai — two of the world’s largest CDNs. Direct incentive for native support.
- Node.js already had support before the final RFC.
fetch()in browsers already works — no browser update needed.- GraphQL and complex APIs create immediate demand.
Why it might be slower than PATCH
Section titled “Why it might be slower than PATCH”- PATCH didn’t need special CDN support (not cacheable by default). QUERY does — and caching with a body is complex.
- Legacy intermediaries (Squid, corporate proxies) won’t update.
- Organizational inertia: if
POST /searchworks, why change?
Verdict
Section titled “Verdict”Expect 3–5 years to use QUERY in public APIs without worry. For internal APIs where you control the stack, you can start today.
How to Help Adoption
Section titled “How to Help Adoption”- Open issues on the frameworks you use requesting native QUERY support
- Test with your stack and document what works and what doesn’t
- Implement in internal APIs to gain real-world experience
- Contribute PRs to add support in open source projects
- Report blockers in CDNs and gateways so vendors know demand exists
Last updated: July 2026. This page is updated periodically as the ecosystem evolves. If you found outdated information or tested a technology not listed here, open an issue or contribute directly.
Legend: ✅ Works natively | ⚠️ Works with configuration/workaround | ⏳ Support expected/in progress | ❌ Doesn’t work / blocks