Yahoo Extends YQL: Adds INSERT Command to the Internet

Andres Ferrate
Jul. 09 2009, 02:56AM EDT

Yahoo has moved forward with a great improvement to its Yahoo Query Language (YQL) platform (our YQL API Profile). As you may remember from earlier this year, YQL is a SQL-like programming interface to lots of Yahoo data and APIs that can also support non-Yahoo data as well (think of queries that look like: select id from flickr.photos.search where text='car'). Until recently, the YQL platform only supported read operations, which meant that developers could only pull data from the web. Now Yahoo has expanded YQL to support INSERT, UPDATE, and DELETE operations.

As Jonathan Trevor explains on the Yahoo Developer Network Blog:

Today, the YQL team has extended the platform with the "missing" SQL verbs to write and modify data on web services and applications: INSERT, UPDATE and DELETE. This enables YQL's Open Data Tables to insert new Twitter status messages, not just list them; to add new comments to a blog, as well as read them; to store data in a remote database; to INSERT INTO internet.

Open Data Table developers can add support for these verbs into their tables by creating new binding types in their definitions. They can then perform the update/insert/delete on the remote web service by creating an execute element that will run their Javascript to create the right content payload and send it to the remote service. To complement the new YQL verbs, we've extended the capabilities in our server-side Javascript, so y.rest() can now POST, PUT and DELETE.

This means that developers can now use YQL to push information out to the web, thereby taking advantage of the read/write web in a streamlined fashion. Yahoo has added additional details on the new capabilities to the YQL documentation, and several examples of using YQL to write data to the web are available in their announcement blog post.

Developers should take note that with this increased set of capabilities also comes some additional risk. As detailed in the updated YQL documentation:

Most sources that provide write capability need authentication. Examples of authentication include username/password combinations or secret API tokens.

If your table requires input that is deemed "private", such as any passwords, authentication keys, or other "secrets", you MUST ensure the https attribute within the tables element is set to true.

Thus, developers should take the necessary steps to secure authentication credentials when using YQL to authenticate with the various services with which YQL is integrated.

Be sure to check out Frederic Lardinois' post at ReadWriteWeb for additional coverage on YQL's new capabilities.

Andres Ferrate

Comments

User HTML

  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
  • Web page addresses and e-mail addresses turn into links automatically.