|
Posted by Reporter on July 1, 2007, 3:27 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> > This is from Chapter 12.2 Safe Methods
>
> >http://www.freesoft.org/CIE/RFC/1945/70.htm
>
> > "In particular, the convention has been established that the GET and
> > HEAD methods should never have the significance of taking an action
> > other than retrieval. These methods should be considered "safe."
>
> GET and HEAD commands sent to a web server should do nothing but read
> some stuff. They shouldn't change anything. Furthermore, they
> aren't generally sending any info to the web server across a (possibly
> unencrypted) connection other than the request itself.
>
> Some GET requests however do send parameters in the URL, sometimes
> stupidly.
>
> > This allows user agents
>
> "user agents" think "web browsers"
>
> > to represent
>
> implement
>
> > other methods, such as POST, in a special way, so that the user is
> > made aware of the fact that a possibly unsafe action is being
> > requested."
>
> POST is generally the request a web browser is doing behind the scenes
> when say, you press SUBMIT on a web form a login form, credit card
> details form, search box, whatever.
>
> The RFC is suggesting here that warning box you get when you first
> submit a form (that uses the POST method) on a new computer or with a
> new web browser that warns you that you are about to submit form field
> details and send them over an unencrypted link (in the case of a
> non-ssl site) and that other people can view them.
>
> At least that's one opinion of what this all means, anyway.
>
> Best Regards,d
> --
> Todd H.http://www.toddh.net/
Todd, thank you very much.
- Sam -
| 
XML site map