[Web-SIG] Form field dictionaries
Gregory (Grisha) Trubetskoy
grisha at modpython.org
Fri Oct 24 21:59:46 EDT 2003
On Fri, 24 Oct 2003, Simon Willison wrote:
> The 2nd point above is supported by this quote from the HTTP spec:
>
> """
> In particular, the convention has been established that the GET and HEAD
> methods SHOULD NOT have the significance of taking an action other than
> retrieval. These methods ought to be considered "safe"
> """
>
> http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.1.1
For everyone's amusement, here is last two out of the three paragraphs of
this section:
In particular, the convention has been established that the GET and
HEAD methods SHOULD NOT have the significance of taking an action
other than retrieval. These methods ought to be considered "safe".
This allows user agents to represent other methods, such as POST, PUT
and DELETE, in a special way, so that the user is made aware of the
fact that a possibly unsafe action is being requested.
Naturally, it is not possible to ensure that the server does not
generate side-effects as a result of performing a GET request; in
fact, some dynamic resources consider that a feature. The important
distinction here is that the user did not request the side-effects,
so therefore cannot be held accountable for them.
At first I thought this was completely wacky and didn't belong in an RFC
at all. But having read it a couple of times, I'm thinking that they are
referring here to *browser implementations*, not web apps, so I don't
think it's relevant to our discussion.
Grisha
More information about the Web-SIG
mailing list