Trevor Phillips wrote:
On Thu, Jan 22, 2009 at 3:12 PM, Toby Corkindale
<toby.corkind...@strategicdata.com.au> wrote:
But what happens when your site gets spidered by a search engine, that
follows all links?
Whoops.
There's a good reason state-modification-actions should be POST (or rather,
non-GET, if you want to go with PUT, DELETE, etc)
Surely such an action would be behind some form of authentication,
ergo blocking any random web crawler? An app that allowed you to
delete records with no security checks has bigger issues. ^_^
Yeah.. can't actually remember what the actions were, but indeed, 'twas
misguided.
After posting that, I realised other people had already posted warnings
about not using GET for state-change anyway.
_______________________________________________
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
