durusmail: quixote-users: non-idempotent GETs
non-idempotent GETs
2005-05-10
Neil Schemenauer
2005-05-10
Titus Brown
2005-05-10
Mario Ruggier
2005-05-10
Neil Schemenauer
2005-05-10
Charles Hornberger
2005-05-10
A.M. Kuchling
2005-05-10
Neil Schemenauer
2005-05-10
Ryan Tomayko
2005-05-10
Graham Fawcett
2005-05-11
Graham Fawcett
2005-05-10
Jason Sibre
2005-05-10
Ryan Tomayko
2005-05-10
David Binger
2005-05-10
Neil Schemenauer
2005-05-29
Martin Maney
2005-05-29
David Binger
2005-05-29
Martin Maney
non-idempotent GETs
Martin Maney
2005-05-29
On Tue, May 10, 2005 at 12:37:42PM -0600, Neil Schemenauer wrote:
> On Tue, May 10, 2005 at 07:06:32AM -0400, David Binger wrote:
> > With a link_to link, won't the user be tricked into thinking,
> >  "I't is safe to click on this link, since I know that links do
> >  not  modify anything on a well-behaved server"?
>
> Some people make that argument.  I haven't decided if I agree.

I think that's a misstatement of the real issue, and the real issue
isn't one that cares whether or not you agree with it.  David, I think
you're projecting far too much developer-think onto the actions of J.
Random, web user extrodinaire.  JR doesn't think (1) in terms of a model
behind things: he just knows that links are for clicking. and is
surprised and hurt every time doing so causes something bad to happen.
So the real problem is that users generally expect that just clicking
on a link won't hurt them, and if that's how most of them behave, then
all the disagreeing in the world matters not a jot.  Depending on your
goals, it may be reasonable to decide not to care what befalls fools
who click on the big red link that's labelled "dump all data and
commence global thermonuclear war", but between you and me I hope that
if you have such a link it has a few safeguards built in and doesn't
just assume that receiving that GET reflects a thoughtful decision!  :-)


(1) doesn't *think* in those terms.  of course there's a model of sorts
in there, but awareness of, let alone thoughtful consideration of, the
models one has of things in the world is, IME, pretty rare among the
general population.  Programmers, at least good ones, are among those
who have learned to think about models and other abstractions.

--
In terms of utility rather than dollars, I can spend "nothing"
(which to a first approximation is the value of a dollar out of my
weekly budget) to get a non-zero chance of completely changing my
life.  Or, in yet other terms, I can just wait for them to send me
the check by mistake, which can't be *that* much less likely than
actually winning [the lottery].  -- David Dyer-Bennet
reply