GET无国籍? [英] Is GET stateless ?
问题描述
GET不应该改变资源的状态
(相比POST,显然可以)
现在这个不是我的陈述,我个人不支持它,它是定期明显违反的,我可以在RFC中找到任何东西
2616等。支持它。
团队的想法是什么?
"A GET is not supposed to change the state of the resource"
(compared to a POST, which obviously can)
Now this isn''t my statement, I don''t personally support it, it''s
clearly breached on a regular basis and I can;t find anything in RFC
2616 et al. to support it.
What does the team think ?
推荐答案
在星期一, 2003年9月15日,Andy Dingley写道:
On Mon, 15 Sep 2003, Andy Dingley wrote:
GET不应该改变资源状态(与POST相比,显然可以)
现在这不是我的陈述,我个人不支持它,它明显违反了,我无法在RFC中找到任何东西/> 2616等。支持它。
团队的想法是什么?
"A GET is not supposed to change the state of the resource"
(compared to a POST, which obviously can)
Now this isn''t my statement, I don''t personally support it, it''s
clearly breached on a regular basis and I can;t find anything in RFC
2616 et al. to support it.
What does the team think ?
clap-o-meter说:
http://www.w3.org/ Protocols / rfc2616 / .... html#sec9.1.2
___
/
方法还可以具有幂等的属性在那里(除了错误或到期问题的
)N的副作用> 0个相同的
请求与单个请求相同。方法GET,HEAD,
PUT和DELETE共享此属性。方法也可以具有idempotence的
属性。在那里(除了错误或到期
问题)N的副作用>对于单个请求,0个相同的请求与
相同。方法GET,HEAD,PUT和DELETE共享这个
属性。
\ ___
The clap-o-meter says:
http://www.w3.org/Protocols/rfc2616/....html#sec9.1.2
___
/
Methods can also have the property of "idempotence" in that (aside
from error or expiration issues) the side-effects of N > 0 identical
requests is the same as for a single request. The methods GET, HEAD,
PUT and DELETE share this property. Methods can also have the
property of "idempotence" in that (aside from error or expiration
issues) the side-effects of N > 0 identical requests is the same as
for a single request. The methods GET, HEAD, PUT and DELETE share this
property.
\___
Andy Dingley写道:
Andy Dingley wrote:
GET不应该改变资源的状态
(相比POST,显然可以)
现在这不是我的陈述,我个人不支持它,它明显违反了,我无法在RFC中找到任何东西
2616等。支持它。
团队的想法是什么?
"A GET is not supposed to change the state of the resource"
(compared to a POST, which obviously can)
Now this isn''t my statement, I don''t personally support it, it''s
clearly breached on a regular basis and I can;t find anything in RFC
2616 et al. to support it.
What does the team think ?
RFC 2616的相关部分是:
特别是,已经确定GET和HEAD
方法的约定不具有采取除检索以外的行动的重要性。这些方法应该被认为是安全的。这允许用户
代理以
特殊方式表示其他方法,例如POST,PUT和DELETE,以便用户了解事实可能
正在请求不安全的行动。
- < URL:http://www.w3.org/Protocols/rfc2616/rfc2616 -sec9.html#sec9.1>
这不是必须的,只是不应该,但我认为应该听取
几乎在所有情况下。如果你真的必须使用GET进行非安全
操作,那么一旦
交易通过,你可能会想要重定向,以避免用户重新加载的问题。
为什么你不支持它?是否有任何有用的非安全GET操作可以
这样做你不能做任何其他方式吗?
-
Jim Dabell >
>>>>> "吉姆" == Jim Dabell< ji ******** @ jimdabell.com>写道:
Jim>你为什么不支持它?是否有任何有用的非安全GET操作可以
Jim>这样做你不能做任何其他方式吗?
你不能建立像
< a href =" / some / cgi / script?id = 123">删除此项< / a>
这不是按钮。
当然,索引者会很乐意关注此链接,并删除您的
项目。 :)
-
Randal L. Schwartz - 巨石阵咨询服务公司 - +1 503 777 0095
< ;我**** @ stonehenge.com> < URL:http://www.stonehenge.com/merlyn/>
Perl / Unix /安全咨询,技术写作,喜剧等。
请参阅PerlTraining.Stonehenge.com进行现场和开放式注册Perl培训!
>>>>> "Jim" == Jim Dabell <ji********@jimdabell.com> writes:
Jim> Why don''t you support it? Is there anything useful non-safe GET actions can
Jim> do that you cannot do any other way?
You can''t make a link like
<a href="/some/cgi/script?id=123">delete this item</a>
that isn''t a button.
Of course, indexers will be happy to follow this link, and delete your
item. :)
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<me****@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
这篇关于GET无国籍?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!