- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Tue, 13 Nov 2007 10:32:52 +0100
- To: Jon Barnett <jonbarnett@gmail.com>
- CC: Daniel Glazman <daniel.glazman@disruptive-innovations.com>, Boris Zbarsky <bzbarsky@mit.edu>, Mark Baker <distobj@acm.org>, "public-html@w3.org" <public-html@w3.org>
Jon Barnett wrote: > Thanks for the rude response. > > The point I made was that the browser prompts prompts the user before > letting them repeat an unsafe request. That's the difference between > GET and POST that's explicitly shown to a user - how they understand > it is up to the browser to communite. How that warning is worded is > irrelevant "The page you are trying to view contains POSTDATA" or > "Refreshing this page may perform such actions as double-charging a > credit card." or "This page has expired" - the wording is irrelevant, > but the point is that after the fact, when attempting to refresh the > page or clicking the back button, the user sees a difference between a > POST and a GET in the warning that lets them know that repeating a > POST request may do something unwanted. Again, the technicality of > the warning is irrelevant as long as the repercussions are clear (and > if they're not that's the browser's fault.) Yes. > And the only reason for making that point is to show why POST is > appropriate for @ping - it performs an action that shouldn't be > repeated by accident. In the case of @ping, the user doesn't need to > see a warning because the final destination was a GET request, but the > browser knows not to repeat the POST request without explicit action >>from the user (actually clicking the link that causes the ping). Sorry, no. A refresh of a page doesn't constitute what HTML5 calls "following a hyperlink". That is, refreshing a page (or accessing it again through bookmarks) will never initiate the "ping", so what you say is not relevant for our discussion. > ... Best regards, Julian
Received on Tuesday, 13 November 2007 09:33:07 UTC