[cryptonector]

The n+1 query problem arises naturally from having limited query support and limited representation of result sets. If your REST binding for your data is one URI per-entity and a query returns the URIs of the entities, then you have the n+1 problem. On the other hand, if your REST binding is that a query is an entity in itself returning a collection representation of result entity set, then you don't have the n+1 problem.

Apart from that, expressing queries in URIs is bloody hard.

I rather like the PostgREST approach.

Another idea is to POST queries to get a nice URI for each query, then you can GET the URI for a query using URI query parameters to supply values to the... query's parameters. (Look ma', no SQL injection.) PostREST gives you this if you wrap queries with functions, which is a bit sucky, but it gives the DB owner a lot of control over what queries get run.