[email protected] wrote:
Read my response. I said
1) POST is the prefered method
Not according to the standard. Everything has its place.
2) using GET for a content sensitive site like an online banking site is
bad. I m sure you would not want to have people book marking your
session ID , or worst, the user credentials used to login and access
certain pages which are private to the authorised user.
The session id shouldn't be in the URI, that's what cookies are for.
Authentication credentials are an exception to the normal guideline.
But everything else? Why shouldn't I bookmark the "latest transactions"
page of my credit card account? Or the "Give me a form so I can pay my
electricity bill" page?
--
David Dorward
_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
