Jamie Lokier schrieb: > Julian Reschke wrote: >> Jamie Lokier schrieb: >>> ... >>> In particular as you raise the point of POST requiring "user >>> intervention", if there is really is a need for user intervention the >>> recommendation ought to give guidance on what that means. >>> ... >> I guess what it means is that a user agent should not send a POST >> request unless the user has clicked on a button (something that stands >> out from a regular link). That's also why allowing form.submit or >> XHR.send() from within a script running "onload" is problematic. > > What about a web-based instant messaging client, where the user types > some text and it must be relayed to the server as it is typed, perhaps > character by character? > > There are basically two ways to do a "web application" like that now: > GET or POST with client-side scripts. > > My reading of the HTTP spec. says that POST should be used for those > messages, because it's not fetching a resource, it's sending data to a > resource to be processed. > > In practice of course, the author will use whatever works, which often > has to be GET for technical reasons. Of course I'm not suggesting to use GET instead of POST (in case anybody thought that :-). A key press *is* a user interaction, so sending a POST upon pressing a key doesn't seem to be a problem to me. What I'm concerned with is people following a link, opening a web page, and a script doing a POST without *any* further user interaction. Best regards, JulianReceived on Monday, 12 June 2006 19:19:58 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 6 June 2008 08:04:29 GMT