[Mailman-Developers] Off topic: a cautionary tale.

Barry A. Warsaw barry@python.org
Tue, 30 Jul 2002 11:18:42 -0400


>>>>> "DN" == Dale Newfield <Dale@Newfield.org> writes:

    DN> On Tue, 30 Jul 2002, Chuq Von Rospach wrote:
    >> What got in was -- htDig, the search engine. Which happily
    >> follows all links, including, if you let it spider phpMyAdmin,
    >> the "delete this database" links. Including the database
    >> holding all of the MySQL configuration and account info. Which
    >> causes MySQL to die. Which...

    DN> I've thought for a while that phpMyAdmin was making a mistake
    DN> with GET links for all those actions--they should be POST
    DN> buttons, and spiders would not be able to do this.

We had this discussion a while back w.r.t. Mailman's web confirmation
pages.  It was pointed out (forcefully ;) that GETs shouldn't have
side effects, and should be reproducible, so the web confirmations
were turned into POSTs.  Sounds like phpMyAdmin is violating the
conventions.

As an added precaution, for non-undoable actions like deleting a list,
Mailman requires the list admin password, even though it knows you're
authenticated.

-Barry
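The failure mode described in this thread, as an added example that is not part of the original post or of Mailman or phpMyAdmin: a naive spider issues a GET for every link it finds, so a "delete" link that acts on GET gets executed, while a handler that refuses GET and demands the admin password on POST (the two precautions Barry mentions) stops it. The handler names, the admin password and the site state are constructed for the demonstration.

```python
"""Added example (not code from the Mailman thread): why a spider can
destroy data when destructive actions hang off GET links, and the two
mitigations Barry describes (POST-only, plus re-entering the admin
password for non-undoable actions). All names here are constructed."""
import hmac
from urllib.parse import parse_qs

ADMIN_PASSWORD = "correct-horse"   # constructed; a real app stores a hash

def crawler_visit(handler, links, state):
    """A naive spider like htDig: it issues a GET for every link it finds."""
    for link in links:
        path, _, query = link.partition("?")
        handler("GET", path, parse_qs(query), state)
    return state

def unsafe_handler(method, path, params, state):
    """phpMyAdmin-style: a bare GET performs the deletion."""
    if path == "/delete":
        state["databases"].discard(params["db"][0])
        return 200, "deleted"
    return 200, "ok"

def safe_handler(method, path, params, state):
    """Mailman-style: GET has no side effect; POST must carry the admin
    password even though the caller is already authenticated."""
    if path != "/delete":
        return 200, "ok"
    if method != "POST":
        return 405, "use the confirmation form"   # spiders stop here
    supplied = params.get("adminpw", [""])[0]
    if not hmac.compare_digest(supplied, ADMIN_PASSWORD):
        return 403, "admin password required"
    state["databases"].discard(params["db"][0])
    return 200, "deleted"

def demo(handler):
    """Run the spider over a constructed site; return the surviving databases."""
    state = {"databases": {"mysql", "customers"}}
    links = ["/", "/delete?db=mysql", "/delete?db=customers"]
    return sorted(crawler_visit(handler, links, state)["databases"])

if __name__ == "__main__":
    print("unsafe handler leaves:", demo(unsafe_handler))   # []
    print("safe handler leaves:  ", demo(safe_handler))     # ['customers', 'mysql']
```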