[whatwg] <a href="" ping="">

Mike Dierken mdierken at hotmail.com
Tue Oct 25 22:50:56 PDT 2005


> S. Mike Dierken wrote:
> >> I'm not sure where this idea has come from that sending POSTs is 
> >> inherently unsafe (which, by the way, no-one has offered a good 
> >> explanation for yet).
> > 
> > POST requests are unsafe because the intent is to modify the data 
> > identified by the resource - data modification is tagged as 
> being 'unsafe'.
> 
> I think your confusing this with the fact that using GET 
> requests for data modification is unsafe, and seem to be 
> saying that POST is unsafe when used as intended!?
> 
Yes - I'm trying to use the terms 'safe' and 'unsafe' to mean 'read-only'
and 'not read-only', respectively. 
That's the usage of 'safe' and 'unsafe' with respect to HTTP that I'm
familiar with.

For example, which (if any) of the following two FORMs is 'safe':

<form method='GET' action='../cgi-bin/nifty.cgi'>
 <input type='submit' value='go' />
</form>

<form method='POST' action='../cgi-bin/nifty.cgi'>
 <input type='submit' value='go' />
</form>




More information about the whatwg mailing list