also, that’s not safe from CSRF point of view. You should keep separate tables for http verbs.