[nycphp-talk] Preferred method for parsing multi-rowsubmitbuttons
Daniel Krook
krook at us.ibm.com
Mon Nov 21 17:30:20 EST 2005
> > Although, if the Action requires an authenticated user,
> > I'm still not
> > sure I understand where the risk is.
>
> Cliff,
>
> You are right that the spider/wget risk is somewhat
> mitigated if you have
> a protected page, but that still leaves open the URL being
> saved in the
> browser history, or even bookmarked.
Actually, now that I think about it again... if you had a link to a delete
page with an id, and you'd clicked it already (putting it in the browser
history) a second click to the same delete page with that id wouldn't (in
theory) have an effect.
In any case, going from POST to GET opens up a lot of these minor things
to think about :)
Daniel Krook, Content Tools Developer
Global Production Services - Tools, ibm.com
http://bluepages.redirect.webahead.ibm.com/
http://blogpages.redirect.webahead.ibm.com/
http://bookmarks.redirect.webahead.ibm.com/
More information about the talk
mailing list