Y
Hacker News
new
|
ask
|
show
|
jobs
by
nzmsv
5907 days ago
Using GET to delete is just asking to have a search crawler wipe your entire site. Not only is this not RESTful, it violates the RFC.
1 comments
fnid2
5907 days ago
Not requiring a username and password to delete is just asking to have your entire database deleted by a click happy anonymous web browser.
"Ooo... look! I can delete whatever!... Okay..." click click click click...
link
nzmsv
5907 days ago
...and that's why I shouldn't post at 2am :)
link
"Ooo... look! I can delete whatever!... Okay..." click click click click...