W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1997

Re: GET and referer security considerations

From: Patrick McManus <mcmanus@appliedtheory.com>
Date: Thu, 3 Jul 1997 09:16:18 -0400 (EDT)
Message-Id: <199707031316.JAA04714@pat.appliedtheory.com>
To: "David W. Morris" <dwm@xpasc.com>
Cc: advax@triumf.ca, ruby@name.net, http-wg@cuckoo.hpl.hp.com
In a previous episode David W. Morris said...

:: On Wed, 2 Jul 1997, Andrew Daviel wrote:
:: 
:: > 
:: > I think the convention is to use POST for submitting information and GET
:: > for queries (like search engines). POST results may not be cached; so
[...]

:: 
:: This is another example of a broken relationship between the history
:: list and caching. I don't know if your example is a POST but there is
:: a possiblity that what you are seeing from the server has an 
:: exception HTTP status (not 200, etc.) which the browsers refuse
:: to leave alone in the history list but insist in resubmitting each
:: time.

David is correct here of course.. but this does bring the
safe-post/get-w-body/safe-uahint questions back to the table.

what's the status of draft-ietf-http-uahint-00.txt with respect to
2068?

-P
Received on Thursday, 3 July 1997 06:22:08 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:45 EDT