'Are HTTP query string parameters and form field names containing dot (`.`) discouraged or prohibited in modern Web development?

I created a HTTP API endpoint for searching a database, it is used like this

GET /orders?created_by.name=John&delivery_estimate.start=2022-06-01

Our web frontend developer team claims that they are not able to use this API because all the existing React Material UI form libraries serialize form fields that contain dots in their names as nested object, i.e. a form having created_by.name and delivery_estimate.start fields will be serialized into

{"created_by": {"name": "John"}, {"delivery_estimate": {"start": "2022-06-01"}}

instead of

{"created_by.name": "John", "delivery_estimat.start": "2022-06-01"}

and there is absolutely no possibility to change that behavior. They strongly insist on changing the API, saying that mobile developers also most likely will not be able to use it for the same reason.

Question: are there any standards, recommendations or conventions on which printable ASCII characters shall or shall not be used in query string parameters or form field names? I was not able to find anything more credible than https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#form-submission-algorithm which does not pose any of such restrictions, but that's a pretty old document.

reactjsformsresthttpmaterial-ui


Solution 1:[1]

Full Stop (U+002E) is an element in the unreserved production rule defined by RFC 3986.

Therefore, the use of it in a resource identifier should be fine for any standard compliant HTTP component.

Local spelling conventions may restrict its use

Question: are there any standards, recommendations or conventions on which printable ASCII characters shall or shall not be used in query string parameters or form field names?

RFC 3986, Appendix A

If you are intending what HTML web forms be a mechanism for creating resource identifiers, then you will want to review the application/x-www-form-urlencoded standard to understand how characters may be encoded when copying form data into the query part of the URI.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 VoiceOfUnreason

Related Questions

How does webserver handle HTTP POST [closed]

HTTP response code for POST when resource already exists

Python: How do I get key/value pairs from the BaseHTTPRequestHandler HTTP POST handler?

How to resolve the issue of HTTP ERROR 405 [closed]

Getting directory listing over http

How do I use Django piston to return a response in text/plain?

How websockets can be faster than a simple HTTP request?

Angular 7: Sending post request gives error 405 (Method not allowed)

How progressive rendering works?

HTTP simultaneous connections per host limit... are per tab, browser instance or global?

Get a JSON file (that contains Hebrew values) from a remote server and parse it in Node.js

Python requests speed up using keep-alive

RESTful - What should a DELETE response body contain

Check if online resource is reachable with JavaScript, not requiring the The Same Origin Policy to allow it

Better Event centric way to solve request-reply problem in Kafka or any streaming service