[brg]

Thank you for the explanation.

In the example, the add-contact URI was dynamically generated so the deletion from following a url and and bookmark breaking did not seem especially pertinent.

But your explanation made a lot of points clear. One maintains the integrity of the call by placing parameters in the body. Avoiding proxy and caching issues inherit in using GET, as well as avoiding xss, makes immediate sense.

[nzmsv]

There can be workarounds, but using something that's not broken in the first place is better. Every one of those issues comes from other software expecting the spec (RFC) to be followed where it's not.

Another thing I remembered after I posted. There is no universally agreed upon maximum query string length, so passing parameters in GET is web server dependent.