On Fri, Nov 26, 2010 at 3:02 PM, Aristotle Pagaltzis pagalt...@gmx.de wrote:
* Ronald J Kimball rkimb...@pangeamedia.com [2010-11-23 18:00]:
REST principles dictate that I use POST, not GET, for these
requests. The same-origin policy forces me to use JSONP, which
can only make GET requests,
* Ronald J Kimball rkimb...@pangeamedia.com [2010-11-23 18:00]:
For what it's worth, the REST methods that I want to expose in
this way are for posting responses to content. There won't be
any deletes.
Still, it opens you up to hostile third-party sites injecting
15,000 bogus responses on
I proposed a solution, the package Resty::Controller::API; example I
sent earlier. Trying to write your controller using
Catalyst::Action::Deserialize is a mistake, as it's not what
Deserialize does.
from
On Mon, Nov 22, 2010 at 3:12 PM, Aristotle Pagaltzis pagalt...@gmx.de wrote:
This is really, really, really bad. It’s roughly like modifying
a file system to be allow file deletion as a side effect of
opening a file. GET is supposed to be safe, that is, it should be
free of side effects that
* Ronald J Kimball rkimb...@pangeamedia.com [2010-11-22 18:50]:
I want to convert a GET request to a POST request, inside my
Catalyst app, before dispatching happens. For example, I want
to take a request like:
GET /foo?method=POSTbody={foo:1}content-type=text/javascript
and convert it into
On Mon, 22 Nov 2010 21:12:26 +0100, Aristotle wrote:
* Ronald J Kimball rkimb...@pangeamedia.com [2010-11-22 18:50]:
I want to convert a GET request to a POST request, inside my
Catalyst app, before dispatching happens.
[...]
This is really, really, really bad.
[...]
So, what solution do