If you have expensive calculations, you can just lock them down onto a POST page under HTTPS with a CSRF token. That will eliminate most issues.
You can also segment expensive routes to run in their own application instance , and throttle users (based on session, ip, etc ) so that general server resources aren't impacted by overactivity in select routes. There are a lot of popular application design approaches that will solve your issues, and are way more simple than trying to re-imagine the HTTP protocol. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/pylons-discuss. For more options, visit https://groups.google.com/d/optout.
