I'm aware of this "rule", it just doesn't make any sense to me. In fact, if adhered to it would add a good bit of complexity to otherwise simple apps. I've seen the Rails folks obsessing about this, where they are forcing some normal URLs to be POST, and likewise forcing some forms to be GET, for no benefit at all other than to obey this seemingly pointless rule.
On 10/14/07, Dave Watts <[EMAIL PROTECTED]> wrote: > > > I suppose I don't understand why you'd care if the variable > > came from a form field as opposed to a URL variable. Either > > way you're going to have to make sure the user is an admin > > and they they have the rights to delete something. > > Data changes should not be triggered by GET requests. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > > Fig Leaf Software provides the highest caliber vendor-authorized > instruction at our training centers in Washington DC, Atlanta, > Chicago, Baltimore, Northern Virginia, or on-site at your location. > Visit http://training.figleaf.com/ for more information! > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade to ColdFusion 8 and integrate with Adobe Flex http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291093 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
