[whatwg] <a href="" ping="">

Jasper Bryant-Greene jasper at album.co.nz
Fri Oct 21 20:41:07 PDT 2005


On Fri, 2005-10-21 at 20:31 -0700, S. Mike Dierken wrote:
> > > Or is it just "hitting" -- making an hidden HTTP GET request of each 
> > > token in the "ping" attibute?
> > 
> > Right. Hidden HTTP POST request, as it happens, but yes.
> Oh, that really shouldn't be done via POST. Clicking a link should be safe
> and sending a POST as a side-effect is not safe.
> 

It definitely should be a POST, because the action performed by it is
not idempotent. See [1].

I would say it's OK to send a POST as a side effect because it's going
to an URL where the developer expects a POST. If you can come up with a
reason why it's not safe, I'd like to hear it.

[1] http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.1.2

-- 
Jasper Bryant-Greene
General Manager
Album Limited

e: jasper at album.co.nz
w: http://www.album.co.nz/
p: 0800 4 ALBUM (0800 425 286) or +64 21 232 3303
a: PO Box 579, Christchurch 8015, New Zealand




More information about the whatwg mailing list