[whatwg] page refresh and resubmitting POST state

On Sun, 24 May 2009 16:50:38 +0100, Aryeh Gregor <Simetrical+w3c at gmail.com> wrote:

>> Is it possible for HTML 5 spec to say that browsers may re-send PUT  
>> without asking? (and that authors should use PUT only when resending is  
>> not going to cause this problems).
>
> When would that be?

When application is protected against it, e.g. includes version or timestamp as part of request and is able to reject or merge conflicting requests.

However I've re-read definition of PUT, and I'm not sure anymore if that's a good solution:

> the user agent knows what URI is intended and the server MUST NOT attempt to apply the request to some other resource. 

This makes it inappropriate for role of "idempotent POST" (e.g. it would be wrong to use PUT for login form, although login is idempotent action), therefore I'm leaning towards opinion that another solution may be needed.

-- 
regards, Kornel Lesinski

Received on Sunday, 24 May 2009 09:37:02 UTC