On Tue, Jul 1, 2008 at 9:00 PM, Waylan Limberg <[EMAIL PROTECTED]> wrote: > > On Tue, Jul 1, 2008 at 8:28 PM, Arien <[EMAIL PROTECTED]> wrote: >> >> On Tue, Jul 1, 2008 at 6:10 PM, Waylan Limberg <[EMAIL PROTECTED]> wrote: >>> >>> On Tue, Jul 1, 2008 at 5:59 PM, David Durham, Jr. >>> <[EMAIL PROTECTED]> wrote: >>>> >>>> Nice thing about GETs is that users aren't confronted with the dreaded >>>> "Data was submitted with POST" confirmation, which is confusing to >>>> most people and usually not tested. Basically you end up breaking the >>>> back button and the reload button. >>> >>> Um, this is intentional and a good thing. If you read the spec, not >>> only is the difference between GET and POST defined, but the way user >>> agents (browsers) should treat them is defined as well. Breaking the >>> back & reload buttons is a requirement of the spec to, among other >>> reasons, avoid multiple posts by impatient (or double-clicking) users. >>> Granted, browsers could provide more helpful messages, but we want >>> that behavior for POSTing data. >> >> What specification requires this? >> > A number of them actually. To name a few: > > http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9 > http://www.w3.org/TR/REC-html40/interact/forms.html#h-17.13 > http://www.w3.org/2001/tag/doc/whenToUseGet.html > > A decent summary of the issues are found here: > http://www.cs.tut.fi/~jkorpela/forms/methods.html
Oh, right, now I see what you (and David Durham) are getting at when you say "breaking the back and reload buttons". It's this part of the HTTP spec: 9.1.1 Safe Methods [...] In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. These methods ought to be considered "safe". This allows user agents to represent other methods, such as POST, PUT and DELETE, in a special way, so that the user is made aware of the fact that a possibly unsafe action is being requested. I'll try and read more carefully next time. :-) Arien --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
