[pmwiki-users] Robustness of PmWiki
Patrick R. Michaud
pmichaud at pobox.com
Sun Jun 25 22:05:06 CDT 2006
On Sun, Jun 25, 2006 at 02:27:21PM +0200, Martin Bayer wrote:
> Am Sonntag, 25. Juni 2006 13:30 schrieb Joachim Durchholz:
> [mod_rewrite]
> > (I still don't *like* that solution. It's far too much manual
> > intervention for my taste. But it may well be the most effective one.)
>
> The best solution would be, IMHO, not to use GET for actions, in particular
> not for actions that change the database (edit, revert, and so on). See
> also RfC 2616, Section 9.1.1 (Safe Methods) on this:
>
> | In particular, the convention has been established that the GET and
> | HEAD methods SHOULD NOT have the significance of taking an action
> | other than retrieval.
FWIW, none of PmWiki's "actions of significance" happen via GET --
they all use POST. (I don't consider things like ?action=edit
and ?action=diff as being more than a retrieval, since all they do
is retrieve a specialized view of a page but otherwise do not
change the underlying data.)
Pm
More information about the pmwiki-users
mailing list