W3C home > Mailing lists > Public > whatwg@whatwg.org > October 2005

[whatwg] <a href="" ping="">

From: Jasper Bryant-Greene <jasper@album.co.nz>
Date: Sat, 22 Oct 2005 16:41:07 +1300
Message-ID: <1129952467.15734.3.camel@jasper.local>
On Fri, 2005-10-21 at 20:31 -0700, S. Mike Dierken wrote:
> > > Or is it just "hitting" -- making an hidden HTTP GET request of each 
> > > token in the "ping" attibute?
> > 
> > Right. Hidden HTTP POST request, as it happens, but yes.
> Oh, that really shouldn't be done via POST. Clicking a link should be safe
> and sending a POST as a side-effect is not safe.
> 

It definitely should be a POST, because the action performed by it is
not idempotent. See [1].

I would say it's OK to send a POST as a side effect because it's going
to an URL where the developer expects a POST. If you can come up with a
reason why it's not safe, I'd like to hear it.

[1] http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.1.2

-- 
Jasper Bryant-Greene
General Manager
Album Limited

e: jasper at album.co.nz
w: http://www.album.co.nz/
p: 0800 4 ALBUM (0800 425 286) or +64 21 232 3303
a: PO Box 579, Christchurch 8015, New Zealand
Received on Friday, 21 October 2005 20:41:07 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:58:43 UTC