Maurice schreef: >> "but it seems that a number of web developers not only produce markup >> like this but notice the requests in their HTTP logs and file bugs >> about it." > > This happened a lot to me recently during the early to mid-development > stages of a few sites. > > The html validator didn’t notify me of an img tag with no src value > and even if it die I wouldn't have cared > because it happened when I was mostly focusing on server side code to > manage content. > So at the time the validity of the html and image sources weren’t my > primary concern. > > I only noticed because when loading that page should result in 1 new > record in the database I got 5 new records instead. > This happened because I had 4 empty img tags in my template. > Each one causing the browser to call the page url 4 additional times :( GET is supposed to be a ‘safe’ method and not create any data, only read — by coding pages in such a way as you describe, you are creating a security vulnerability. So instead of treating the extra requests caused by <img src=""> as a bug, you should’ve considered it a warning. I.e. someone can digg that URL and spam your database. ~Laurens -- Note: New email address! Please update your address book. ~~ Ushiko-san! Kimi wa doushite, Ushiko-san nan da!! ~~ Laurens Holst, student, Utrecht University, the Netherlands Website: www.grauw.nl. Backbase employee; www.backbase.comReceived on Friday, 9 January 2009 09:18:21 UTC
This archive was generated by hypermail 2.3.1 : Thursday, 29 October 2015 10:15:41 UTC