[Catalyst] Re: REST - like uri design for CRUD

[Aristotle Pagaltzis]

* Christopher Laco <claco at chrislaco.com> [2008-01-23 04:40]:
> But surely the same is true for POST as well using a
> form/javascript.

Yes. `form.submit()` is a blight on browsers. :-( The fact that
it’s the only violation of web arch in the browser model is small
solace.

But just because a determined attacker can do damage on purpose
doesn’t mean you have to make it really easy too, does it?

Regards,
-- 
Aristotle Pagaltzis // <http://plasmasturm.org/>