[whatwg] <a href="" ping="">
Jasper Bryant-Greene
jasper at album.co.nz
Tue Oct 25 22:59:48 PDT 2005
On Tue, 2005-10-25 at 22:50 -0700, Mike Dierken wrote:
> > S. Mike Dierken wrote:
> > >> I'm not sure where this idea has come from that sending POSTs is
> > >> inherently unsafe (which, by the way, no-one has offered a good
> > >> explanation for yet).
> > >
> > > POST requests are unsafe because the intent is to modify the data
> > > identified by the resource - data modification is tagged as
> > being 'unsafe'.
> >
> > I think your confusing this with the fact that using GET
> > requests for data modification is unsafe, and seem to be
> > saying that POST is unsafe when used as intended!?
> >
> Yes - I'm trying to use the terms 'safe' and 'unsafe' to mean 'read-only'
> and 'not read-only', respectively.
> That's the usage of 'safe' and 'unsafe' with respect to HTTP that I'm
> familiar with.
>
> For example, which (if any) of the following two FORMs is 'safe':
>
> <form method='GET' action='../cgi-bin/nifty.cgi'>
> <input type='submit' value='go' />
> </form>
>
> <form method='POST' action='../cgi-bin/nifty.cgi'>
> <input type='submit' value='go' />
> </form>
>
I don't see anything particularly unsafe about either of them, but I
think I can see what you're getting at.
Perhaps "without side-effects" or "idempotent" might be better
descriptions than "safe"? The above two forms both look like they're
doing exactly what they were intended to do, and therefore don't seem
"unsafe" at all...
--
Jasper Bryant-Greene
General Manager
Album Limited
e: jasper at album.co.nz
w: http://www.album.co.nz/
p: 0800 4 ALBUM (0800 425 286) or +64 21 232 3303
a: PO Box 579, Christchurch 8015, New Zealand
More information about the whatwg
mailing list