- From: David Morris <dwm@xpasc.com>
- Date: Wed, 14 Jun 2006 19:15:22 -0700 (PDT)
- To: "S. Mike Dierken" <dierken@gmail.com>
- cc: "'Julian Reschke'" <julian.reschke@gmx.de>, <ietf-http-wg@w3.org>
I disagree ... www is the protocol not the application. 'unsafe' is, as you say, an indicator of how data updates might be handled. There is no fundamental unsafeness outside of the context of the web server receiving the POST. Only that server developer knows if there is any negative impact of repeated use of POST and/or there is any other reason why POST must be used. Unsafe merely means that the user agent may not assume that repeating the post is safe. One way the server developer can answer the question is to provide javascript as part of the web content which repeats the post without bugging the user because the web developer knows it is safe. On Wed, 14 Jun 2006, S. Mike Dierken wrote: > > > > Well, the notion of unsafe is really an application notion. > > Browsers protect applications by attempting to warn the user > > before repeating a POST which might repeat a data base > > change. The application designer needs to make the decision > > as to whether POST or GET is appropriate. > The WWW is the application. > It has already made the decision that POST is unsafe (modifies data) and GET > is safe (does not modify data and is predictably repeatable). >
Received on Thursday, 15 June 2006 02:15:38 UTC