| Semi-bug, slight misdesign? GET requests. [message #14143] |
Thu, 06 November 2003 04:34  |
Xodnizel
Test
Messages: 7
Registered: November 2003
Karma:
|
Junior Member |
|
|
http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html is a nice read on the difference between what various HTTP methods should do.
I still stand by my belief that POST requests should be used to change the state of something permanent, and not GET requests.
I've made a list of places in the normal forum where such requests are made(many are made in the admin control panel, but...), to counter that argument that there aren't many such places. :b
Buddy list functions, group manager, ignore list functions, "logout", lock/unlock topics, move threads(the actual move thread request is a GET request), some private message functions, subscription functions(including forum notification), and a few others.
I'm also concerned with the "single click" required to confirm a user after receiving the email. People could be easily tricked/confused into clicking the link when someone else made the registration request(and I wonder if any clients would preemptively fetch the link?).
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]