Exclude dynamic parameters when possible

Exclude dynamic parameters when possible


When you are creating URLs for web pages, you should try to avoid putting URL parameters in the destination. If your program creates more than two or three URL parameters on every page load, it might be worth reworking your code so that links can pass these additional values as text instead of dynamic, encoded string variables.

To explain why this is a problem, let's look at what would happen if you had a site that allows users to select the state where they live and then displays their results by city name. The relevant portion of the HTML form might look like this:

          <form method="get" action="/cgi-bin/lookup_city_state">

      State:            <input type="text" name="state">

      City:            <input type="text" name="city">

      Search for city in state:                 <input type="submit" value="Lookup"/>


Although this isn't a very useful service, it's useful as an example. If you have the URL http://www.example.com/lookup_city_state?state=WA&city=Seattle , then that one page load will generate two HTTP requests to the web server—one for the HTML page itself and another for /cgi-bin/lookup_city_state?state=WA&city=Seattle . Now imagine your site is hosting reviews of online casinos or something similar, where you want to keep track of the URL parameters that people search on to find your page. You might start with a site that looks like the following screenshot:

The HTML source for this single page, however, might contain hundreds of thousands of requests per day if users tend to search for more than one keyword at a time before finding the right online casino. This is an extreme example, but you get the point. Parameter-heavy URLs are bad because they make each page load slow—potentially significantly slower if there's a lot of traffic for these pages—and require more system resources from both your application and web server processes. Reducing your total number of dynamic parameters can reduce your bandwidth costs and improve server performance in some cases.

Here are some best practices for designing URLs:

·          If possible, avoid putting dynamic parameters in the URL and try to return complete HTML pages that contain all of the information needed for a browser to render a page. That way, your service can respond by simply returning an HTML page and only one HTTP request will be made per user session. This is generally the best solution because it allows each web server process to handle one request at a time as opposed to many concurrent requests.

·          When you absolutely must put dynamic parameters in the URL, pick those few necessary variables from among all others and store them as part of a logged-in session rather than sending them with every single request. This approach reduces the number of round-trips between client and server for frequently requested pages that don't need all of the user session data.

·          Avoid parameter names with special characters, such as commas or dollar signs, because they may cause problems on some web servers. Use your best judgment when deciding whether to use these characters in URLs. For example, it's probably fine to use them if you are passing only one value at a time and know that nothing else will break on your site if this convention is followed consistently.

·          When URLs include a mix of dynamic and static parameters and there's no way to consolidate the values into a single HTML page, pick one type of parameter or another rather than trying to mix them together in the same URL. This approach reduces confusion among developers who may not understand why the URL contains both types of data.

Please note that these best practices are intended for publicly available resources. In the example of a web service, it would be perfectly appropriate to return different data based on some combination of input parameters from a client because the URL is being sent only to the server anyway. However, if you have internal resources that can't be accessed by anyone except your own application or if it makes sense to return consistent data for a URL, consider removing any dynamic parameters and sending the entire HTML page.

·          It's possible to increase performance and reduce costs by obscuring the dynamic parts of your URLs by using hashing techniques such as those described in How can I generate unique hash key values? - Programmer World . This approach avoids sending parameter values to the server with every single request, but it may be less secure so you should carefully consider your options before deciding one way or another.

Note: The amount of time required to complete a URL redirection is non-deterministic and may depend on external factors such as hardware performance and database load. Redirects are not cached either at the client or server, so every redirect requires a round trip to the server.

Please also be aware that there are other reasons that URL parameters should be avoided, including security concerns . There is no single correct answer for this problem, but you should carefully weigh all of your options before deciding one way or another.