Re: Methods on resources... am I abusing resources ? from Paul Libbrecht on 2004-12-02 (www-tag@w3.org from December 2004)

From: Paul Libbrecht <paul@activemath.org>
Date: Thu, 2 Dec 2004 18:18:52 +0100
To: www-tag@w3.org
Message-Id: <3D1E67DE-4486-11D9-BC0A-000A95C50B1C@activemath.org>

Le 1 déc. 04, à 02:18, Paul Cotton a écrit :
> Have you reviewed the TAG issue on when to use GET:
> whenToUseGet-7: (1) GET should be encouraged, not deprecated, in 
> XForms (2) How to handle safe queries (New POST-like method? GET plus 
> a body?)
> http://www.w3.org/2001/tag/issues.html?type=1#whenToUseGet-7
> /paulc

Thanks, for the pointer. No, I am too new to the group to have realized 
the wealth behind these issues... quite amazing. The resolution seems 
to have gone a quite non-constraining way trying to simply characterize 
the safety aspects related to GET and POST.

 From what I have read, I would emit the following opinion, which is 
maybe too drastic:
- GET with parameters is fundamentally wrong... It has the encoding bug 
(which could only be corrected in a new spec of URIs, I understand). 
More importantly it is contrary to the semantic of GETting the 
representation of an existing resource and makes a user-agent believe 
that anything with any parameters is part of the world of resources... 
(in effect, robots should be free to put anything in forms with a get 
method...).
- why can't Google, XForms, and Web-Services actually use POST and then 
enjoy, as a normal and expectable result of a POST that has created a 
GETtable resources, a well thought redirect (or a similar form thereof) 
to a URI whose lifecycle may be, then, managed on the server (e.g. the 
airplane ticket receipt's URI, or Google telling me the URL I could use 
in the future for this search).

Form-processors and web-services that insist on having their process be 
run at every GET are still free to encode such URIs in a way they wish 
(e.g. Google uses the www-form-uri-encoding but adds the parameter 
encoding) and document this publicallly.

Form-processors that use GET in forms do allow a request to be encoded 
as a link. That's great openness!
However, I know no-one who as ever done this without actually directly 
testing on a live instance of the server... there is no reason for the 
people creating these links not to use a documented or programmatic way 
to create links that will work.

paul

PS: I'm diverging of the topic here and still expect to meet opinions 
on the abusage of considering resources as objects and standardize this 
approach in some way...

Received on Thursday, 2 December 2004 17:19:34 UTC