URLs are state containers

Posted by thm 11/2/2025

512 points | 213 commentspage 2

jakegmaths 11/2/2025|

The latest version of Microsoft Teams is absolutely terrible at this... just one URL for everything. No way to bookmark even a particular team.

smadge 11/2/2025||

One might even say that hyperlinks are the engine of application state.

jongjong 11/3/2025||

I loke to keep state in the URL. It's nive when you can bookmark any section in an app and it brings you back to the exact same place, all the menus exactly the same. Also it's amazing for debugging. Any bug, I tell the user to send me the URL. I reproduce the issue instantly, fixed in 5 minutes. I wrote some very complex frontends without any tests thanks to this approach... Also it's great during development; when I make a change anywhere in the app, I just refreshed the page... I never have to click through menus to get back to the part of the code I want to test. Really brings down my iteration time... Also I use Vanilla JavaScript Web Components so I don't have to wait for transpiler or bundler. Then I use Claude Code. It's crazy how fast I can code these days when it's my own project.

noodletheworld 11/2/2025||

Mmm.

Youre doing two things:

1) youre moving state into an arbitrary untrusted easy to modify location.

2) youre allowing users to “deep link” into a page that is deep inside some funnel that may or may not be valid, or even exist at some future point in time, forget skipping the messages/whatever further up.

You probably dont want to do either of those two things.

liampulles 11/3/2025||

You are still thinking of the web as being a hyperlinked collection of information serving the betterment of human knowledge, rather than a set of SPAs where you through trial and error try and get whatever AI enabled product you are now forced to use to do what you ask.

mexicocitinluez 11/3/2025|

Nothing of what you said has anything to do with storing state in the URL.

liampulles 11/3/2025||

My meaning is that good URL design was more prevalent when people consciously included more links to other websites within their own website. This is because making well formed URLs is of importance if you think people are actually going to take that URL and link it somewhere. The rest of my comment is snark around SPAs, because I think they conversely do not often do URL design well (manipulating the DOM off the back of JSON REST API calls, rather than guiding the state of the page off the URL, allows one not to have to think about it as much as one should).

I hope that clears things up.

superkuh 11/2/2025||

>Scott Hanselman famously said “URLs are UI”

I actually implemented a comment system where users just pick any arbitrary URL on the domain, ie, http://exampledomain.com/, and append /@say/ to the URL along with their comment so the URL is the UI. An example comment would be typed in the URL bar like,

http://exampledomain.com/somefolder/somepage.html/@say/Hey! Cool somepage. - Me

And then my perl script tailing the webserver log file sees the line and and adds the comment "Hey! Cool somepage. - Me" to the .html file on disk for comments.

loloquwowndueo 11/2/2025||

The amount of state that early video games stored in like 256 bytes of ram was actually quite impressive. I bet with some creativity one could do similarly for a web app. Just don’t use gzipped b64-encoded json as your in-url state store!

sehugg 11/2/2025||

My 8-bit IDE lets you share your ROM as a lzg/b64-encoded URL. Things get dicey when you go above 2000 characters or so.

loloquwowndueo 11/3/2025||

URL please :)

wild_egg 11/2/2025||

With a custom compression dictionary made against your JSON schema, I would bet you could still pack a surprising amount of data into 256 bytes that way.

skrebbel 11/2/2025||

I tried this once and discovered that for us it worked even better when populating the dictionary with a bunch of commonly seen URLs. Like that includes the same field names as the json schema, but none of the other JSON Schema cruft, and it also includes commonly used values etc. It seemed like the smarter I tried to be, the worse the results got.

I just used Pako.js which accepts a `{ dictionary: string }` option. Concat a bunch of common URL together, done.

The only downside (with both our approaches) is if you add substantially many new fields / common values later on, you need to update the dictionary, and then old URLs don't work, so you'd need some sort of versioning scheme and use the right dictionary for the right version.

franciscop 11/3/2025||

This is one of the things that bothered me the most from existing React libraries, if you wanted to update a single query parameter now you needed to do a lot of extra work. It bothered me so much I ended up making a library around this [1], where you can do just:

    // /some/path?name=Francisco
    const [name, setName] = useQuery("name");
    console.log(name);  // Francisco
    setName('whatever');

Here's a bit more complex example with a CodeSadnbox[2]:

    export default function SearchForm() {
      const [place, setPlace] = useQuery("place");
      const [max, setMax] = useQuery("max");

      return (
        <form>
          <header>
            <h1>Search Trips</h1>
            <p>Start planning your holidays on a budget</p>
          </header>
          <TextInput
            label="Location:"
            name="place"
            placeholder="Paris"
            onChange={setPlace}
            value={place}
          />
          <NumberInput
            label="Max Price ($):"
            name="max"
            placeholder="0"
            onChange={setMax}
            value={max}
          />
        </form>
      );
    }

[1] https://crossroad.page/

[2] https://codesandbox.io/p/sandbox/festive-murdock-1ctv6

agos 11/3/2025|

that's a quite common pain. Both nuqs and Tanstack Router come to mind as libraries which put some thought in making it a bit better

njacobs5074 11/2/2025||

I'm not certain that I agree with this because a URL makes no claims about idempotency or side-effects or many other behaviors that we take for granted when building systems. While it is possible to construct such a system, URLs do not guarantee this.

I think the fundamental issue here is that semantics matter and URLs in isolation don't make strong enough guarantees about them.

I'm all for elegant URL design but they're just one part of the puzzle.

mattlondon 11/2/2025|

Yes It does. HTTP PUT is idempotent.

badbotty 11/2/2025||

The URL is not a HTTP method.

qdotme 11/2/2025|

Yes! This is a very under-utilized concept, especially with client-side execution (WASM etc!)

Few years back, I built a proof-of-concept of a PDF data extraction utility, with the following characteristic - the "recipe" for extracting data from forms (think HIPAA etc) can be developed independently of confidential PDFs, signed by the server, and embedded in the URL on the client-side.

The client can work entirely offline (save the HTML to disk, airgap if you want!) off the "recipe" contained in the URL itself, process the data in WASM, all client-side. It can be trivially audited that the server does not receive any confidential information, but the software is still "web-based", "browser-based" and plays nice with the online IDE - on dummy data.

Found a working demo link - nothing gets sent to the server.

https://pdfrobots.com/robot/beta/#qNkfQYfYQOTZXShZ5J0Rw5IBgB...

More comments...