[whatwg] <a href="" ping="">

On Fri, 21 Oct 2005, S. Mike Dierken wrote:
> > > 
> > > Or is it just "hitting" -- making an hidden HTTP GET request of each 
> > > token in the "ping" attibute?
> > 
> > Right. Hidden HTTP POST request, as it happens, but yes.
>
> Oh, that really shouldn't be done via POST. Clicking a link should be 
> safe and sending a POST as a side-effect is not safe.

GET means that you can do it again without affecting anything. In the case 
of tracking, you can't -- the very act of contacting that tracking URI can 
cost someone money. Hence POST. (This is another advantage of ping over 
redirects, come to think of it.)

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Friday, 21 October 2005 21:22:00 UTC