[mnutt]

The only thing I don't like about the Rails routing guide is how much it talks about having a default route of `match ':controller/:action/:id'`. I would still use `match`, but any actions that are meant to be posts should add `:method => :post` to them. And ideally use `resources` where ever it makes sense.

[spicyj]

You can simply write post instead of match to require a POST request.

[uxp]

You can use most all of the verbs:

   get    '/foo'     => 'foos#index',   as: :foo
   post   '/foo'     => 'foos#new',     as: :new_foo
   get    '/foo/:id' => 'foos#show',    as: :show_foo
   put    '/foo/:id' => 'foos#edit',    as: :edit_foo
   delete '/foo/:id' => 'foos#destroy', as: :destroy_foo

or scope them if you'd like:

    scope controller: "foo", constraints: { id: /0-9]+/ } do
      get    '/foo'   => :index, as: :foo
      post   '/foo'   => :new,   as: :new_foo
      put    ...
      delete ...
    end

[homakov]

Fix: not :method but :via :)

And, again! PLEASE use method "data" instead of match :via => method. It's much better and looks clean.

[tptacek]

In exactly what sense do you think that's better?

[homakov]

it does absolutely same job(you can read sources) but requires less symbols and looks RESTful - fair enough, isn't it?

[mnutt]

Sorry, you're right about the :via, I must have misremembered.

[cmwright]

Right, so what this post is saying is that for the most part the evil is in using this default route, leaving open controller actions that should only be accessible as posts. Will have to look more into the docs, but it's good to know that the methods specified in the guide have some caveats.