Thursday, 17 December 2009

GET information, POST changes

A micro-post, but this isn't said often enough: Don't use GET requests to change data server-side, use POST (for example, when using Ajax to modify things server-side). GETs are supposed to be idempotent, which is a fancy way of saying that doing them repeatedly has the same effect as doing them once. So, GET the contents of a message on a message board, but POST new messages to the board.

More (in incredibly turgid prose!) in Section 9.1.2 of the HTTP spec.