Laravel Scout Search With the HTTP QUERY Method | Mohamed Said        [  ![Mohamed Said](https://cdn.msaied.com/01KT78WE565VEMM3PSNQAAB0MH.png)   Mohamed Said Laravel Backend Engineer  ](https://msaied.com) [ Home ](https://msaied.com) [ Projects ](https://msaied.com/projects) [ Articles  ](https://msaied.com/articles) [ Certificates ](https://msaied.com/certificates) [ Contact ](https://msaied.com#contact-section) 

       [  ](https://github.com/EG-Mohamed)       

 [ Home ](https://msaied.com) [ Projects ](https://msaied.com/projects) [ Articles ](https://msaied.com/articles) [ Certificates ](https://msaied.com/certificates) [ Contact ](https://msaied.com#contact-section) 

  [ home ](https://msaied.com)    [ articles ](https://msaied.com/articles)    Build a Laravel Scout Search Endpoint With the HTTP QUERY Method        On this page       1. [  What Is the HTTP QUERY Method? ](#what-is-the-http-query-method)
2. [  Setting Up Scout ](#setting-up-scout)
3. [  Defining a QUERY Route ](#defining-a-query-route)
4. [  Testing the Endpoint ](#testing-the-endpoint)
5. [  CSRF and Web Routes ](#csrf-and-web-routes)
6. [  Gotchas Before You Ship ](#gotchas-before-you-ship)
7. [  Key Takeaways ](#key-takeaways)

  ![Build a Laravel Scout Search Endpoint With the HTTP QUERY Method](https://cdn.msaied.com/433/f1100f27bf9bb41032e0ea927629e818.png)

 [  Laravel ](https://msaied.com/articles?category=laravel)  #Laravel   #Laravel Scout   #HTTP QUERY   #REST API   #PHP   #Laravel 13  

 Build a Laravel Scout Search Endpoint With the HTTP QUERY Method 
==================================================================

     16 Jul 2026      3 min read    ![Mohamed Said](https://cdn.msaied.com/01KT78WE565VEMM3PSNQAAB0MJ.jpg)  Mohamed Said  

       Table of contents

1. [  01   What Is the HTTP QUERY Method?  ](#what-is-the-http-query-method)
2. [  02   Setting Up Scout  ](#setting-up-scout)
3. [  03   Defining a QUERY Route  ](#defining-a-query-route)
4. [  04   Testing the Endpoint  ](#testing-the-endpoint)
5. [  05   CSRF and Web Routes  ](#csrf-and-web-routes)
6. [  06   Gotchas Before You Ship  ](#gotchas-before-you-ship)
7. [  07   Key Takeaways  ](#key-takeaways)

 What Is the HTTP QUERY Method?
------------------------------

The HTTP QUERY method ([RFC 10008](https://www.rfc-editor.org/rfc/rfc10008)) is a safe, cacheable HTTP verb designed specifically for queries. Like GET, it signals a read-only operation—but it carries its parameters in the request body, avoiding URL length limits and keeping sensitive values out of access logs and browser history.

Laravel 13.19 added `Http::query()` to the HTTP client and `queryJson()` / `query()` testing helpers. A first-class `Route::query()` helper is already merged for Laravel 14, but you can use `Route::match()` today to register QUERY routes in Laravel 13.

Setting Up Scout
----------------

Start from a fresh Laravel 13 app and install the API routes file and Scout:

```bash
php artisan install:api
composer require laravel/scout

```

Set the database driver in `.env`—no external search service required:

```env
SCOUT_DRIVER=database

```

Create an `Article` model with migration and factory:

```bash
php artisan make:model Article -mf

```

Add the `Searchable` trait and define `toSearchableArray()`:

```php
use Laravel\Scout\Searchable;

class Article extends Model
{
    use HasFactory, Searchable;

    protected $fillable = ['title', 'body'];

    public function toSearchableArray(): array
    {
        return ['title' => $this->title, 'body' => $this->body];
    }
}

```

Defining a QUERY Route
----------------------

In `routes/api.php`, register the route with `Route::match()`:

```php
Route::match(['QUERY'], '/articles/search', function (Request $request) {
    $validated = $request->validate([
        'search'   => ['required', 'string'],
        'per_page' => ['sometimes', 'integer', 'between:1,50'],
    ]);

    return Article::search($validated['search'])
        ->paginate($validated['per_page'] ?? 15);
});

```

Validation and `$request->input()` read from the JSON body exactly as they would for a POST request. Running `php artisan route:list` confirms the verb:

```
QUERY  api/articles/search

```

A raw request looks like this:

```http
QUERY /api/articles/search HTTP/1.1
Content-Type: application/json
Accept: application/json

{"search": "scout", "per_page": 10}

```

Testing the Endpoint
--------------------

Laravel 13.19's `queryJson()` helper makes tests feel identical to `postJson()`:

```php
$this->queryJson('/api/articles/search', ['search' => 'scout'])
    ->assertOk()
    ->assertJsonCount(1, 'data')
    ->assertJsonPath('data.0.title', 'Getting Started With Laravel Scout');

```

On the client side, use `Http::query()`:

```php
$response = Http::acceptJson()->query('https://example.com/api/articles/search', [
    'search' => 'scout',
]);

```

CSRF and Web Routes
-------------------

API routes skip CSRF automatically. For `routes/web.php`, Laravel 13's `PreventRequestForgery` middleware treats QUERY like POST and returns a `419`. Extend the middleware to backport Laravel 14's behavior:

```php
protected function isReading($request)
{
    return in_array($request->method(), ['HEAD', 'GET', 'OPTIONS', 'QUERY']);
}

```

Swap it in `bootstrap/app.php` and delete the override after upgrading to Laravel 14.

Gotchas Before You Ship
-----------------------

- **PHP's built-in server** returns `501 Not Implemented` for QUERY—use Herd, Valet, or test helpers instead.
- **CDNs, WAFs, and load balancers** may block unrecognized verbs; test the full request path.
- **CORS preflight** is required for every cross-origin QUERY request—it is not a safelisted method.
- **Caching** is defined by the RFC but not yet implemented by browsers or CDNs.
- **OpenAPI 3.2** added a first-class `query` operation; toolchains targeting 3.0/3.1 cannot describe the endpoint yet.

Key Takeaways
-------------

- `Route::match(['QUERY'], ...)` registers QUERY routes in Laravel 13 today.
- Scout's database driver requires no external service and works out of the box.
- `queryJson()` in Laravel 13.19 makes feature-testing QUERY endpoints straightforward.
- Laravel 14 will add `Route::query()` and exempt QUERY from CSRF automatically.
- QUERY is best suited to internal APIs where you control both client and server.

---

Source: [Build a Laravel Scout Search Endpoint With the HTTP QUERY Method](https://laravel-news.com/build-a-laravel-scout-search-endpoint-with-the-http-query-method)

 Found this useful?

          [  ](https://twitter.com/intent/tweet?url=https%3A%2F%2Fmsaied.com%2Farticles%2Fbuild-a-laravel-scout-search-endpoint-with-the-http-query-method&text=Build+a+Laravel+Scout+Search+Endpoint+With+the+HTTP+QUERY+Method) [  ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fmsaied.com%2Farticles%2Fbuild-a-laravel-scout-search-endpoint-with-the-http-query-method) 

 Frequently Asked Questions 
----------------------------

  3 questions  

     Q01  Can I use the HTTP QUERY method in Laravel 13 before Route::query() is available?        Yes. Laravel 13's router accepts any HTTP verb via Route::match(). Register your route with Route::match(['QUERY'], '/path', $handler) and it works today. The dedicated Route::query() shorthand is coming in Laravel 14. 

      Q02  Why does PHP's built-in server return 501 for QUERY requests?        PHP's built-in server hard-codes the HTTP methods it accepts and does not recognize QUERY, so it returns 501 Not Implemented before the request reaches Laravel. Use Nginx-based environments like Laravel Herd or Valet, or rely on Laravel's HTTP testing helpers, which dispatch requests directly through the framework. 

      Q03  Do QUERY routes in routes/web.php require CSRF handling?        Yes, in Laravel 13 the PreventRequestForgery middleware treats QUERY like POST and will return a 419. You can extend the middleware to add QUERY to its list of read verbs, or exclude individual routes with withoutMiddleware(). Laravel 14 will exempt QUERY automatically. 

  Continue reading

 More Articles 
---------------

 [ View all    ](https://msaied.com/articles) 

 [ ![Livewire v3 Performance: Lazy Hydration, Computed Properties, and Minimising Wire Payloads](https://cdn.msaied.com/431/5931d6ca41b721bc1cd98ccc4ce063c7.png) livewire laravel performance 

### Livewire v3 Performance: Lazy Hydration, Computed Properties, and Minimising Wire Payloads

Practical techniques for keeping Livewire v3 components fast: lazy hydration, memoised computed properties, ta...

  ![Mohamed Said](https://cdn.msaied.com/01KT78WE565VEMM3PSNQAAB0MJ.jpg)  Mohamed Said 

 16 Jul 2026     4 min read  

  Read    

 ](https://msaied.com/articles/livewire-v3-performance-lazy-hydration-computed-properties-and-minimising-wire-payloads) [ ![Filament v5 Preview: Schema Unification, Performance Shifts, and How to Prepare](https://cdn.msaied.com/430/44b6a4ac9fef052463a7ca8318fe463e.png) filament laravel filament-v5 

### Filament v5 Preview: Schema Unification, Performance Shifts, and How to Prepare

Filament v5 is reshaping how panels, forms, and tables are composed. This deep-dive covers the confirmed archi...

  ![Mohamed Said](https://cdn.msaied.com/01KT78WE565VEMM3PSNQAAB0MJ.jpg)  Mohamed Said 

 16 Jul 2026     4 min read  

  Read    

 ](https://msaied.com/articles/filament-v5-preview-schema-unification-performance-shifts-and-how-to-prepare-1) [ ![Enforce Per-Action Waiting Periods in Laravel with the Cooldown Package](https://cdn.msaied.com/432/a8a830b45119cc7fafc7e27d7951e114.png) Laravel Packages Rate Limiting 

### Enforce Per-Action Waiting Periods in Laravel with the Cooldown Package

Laravel Cooldown lets you place timed locks on named actions—OTP resends, password resets, payment retries—sco...

  ![Mohamed Said](https://cdn.msaied.com/01KT78WE565VEMM3PSNQAAB0MJ.jpg)  Mohamed Said 

 16 Jul 2026     4 min read  

  Read    

 ](https://msaied.com/articles/enforce-per-action-waiting-periods-in-laravel-with-the-cooldown-package) 

   [  ![Mohamed Said](https://cdn.msaied.com/01KT78WE565VEMM3PSNQAAB0MH.png)   Mohamed Said Laravel Backend Engineer  ](https://msaied.com)Senior Backend Engineer specializing in Laravel, scalable SaaS platforms, APIs, and cloud infrastructure. I build secure, high-performance web applications that help businesses grow.

Explore

- [Home](https://msaied.com)
- [Projects](https://msaied.com/projects)
- [Articles](https://msaied.com/articles)
- [Certificates](https://msaied.com/certificates)
- [Contact](https://msaied.com#contact-section)

Connect

- [   hello@msaied.com ](mailto:hello@msaied.com)
- [   +20 109 461 9204 ](tel:+201094619204)

© 2026 Mohamed Said. All rights reserved.

 [  ](https://github.com/EG-Mohamed) [  ](https://www.linkedin.com/in/msaiedm/) [  ](https://wa.me/201094619204) [  ](mailto:hello@msaied.com) [  ](https://drive.google.com/file/u/0/d/1MF20IPRJyzfy32mhEutjL5EpSls0w2Q8/view)
