> On Dec 2, 2014, at 4:33 AM, random...@fastmail.us wrote: > > On Mon, Dec 1, 2014, at 15:28, Israel Brewster wrote: >> For example, I have a URL on my Cherrypy app that updates some local >> caches. It is accessed at http://<server>/admin/updatecaches So if I >> start typing http://<server>/a, for example, safari may auto-fill the >> "dmin/updatecaches", and trigger a cache refresh on the server - even >> though I was just trying to get to the main admin page at /admin. Or, it >> might auto-fill "uth/logout" instead (http://<server>/auth/logout), and >> log me out of my session. While the former may be acceptable (after all, >> a cache update, even if not strictly needed, is at least non-harmfull), >> the latter could cause serious issues with usability. So how can cherrypy >> tell the difference between the "prefetch" and an actual request, and not >> respond to the prefetch? > > Why is your logout form - or, your update caches form, etc - a GET > instead of a POST?
Primary because they aren’t forms, they are links. And links are, by definition, GET’s. That said, as I mentioned in earlier replies, if using a form for a simple link is the Right Way to do things like this, then I can change it. Thanks! ————— Israel Brewster > The key problem is that a GET request is assumed by > browser designers to not have any harmful side effects. > -- > https://mail.python.org/mailman/listinfo/python-list -- https://mail.python.org/mailman/listinfo/python-list