[Catalyst] how to confirm before deleting
Trevor Phillips
trevor.phillips at gmail.com
Thu Jan 22 06:35:24 GMT 2009
On Thu, Jan 22, 2009 at 3:12 PM, Toby Corkindale
<toby.corkindale at strategicdata.com.au> wrote:
>
> But what happens when your site gets spidered by a search engine, that
> follows all links?
>
> Whoops.
>
> There's a good reason state-modification-actions should be POST (or rather,
> non-GET, if you want to go with PUT, DELETE, etc)
Surely such an action would be behind some form of authentication,
ergo blocking any random web crawler? An app that allowed you to
delete records with no security checks has bigger issues. ^_^
--
Trevor Phillips - http://dortamur.livejournal.com/
"On nights such as this, evil deeds are done. And good deeds, of
course. But mostly evil, on the whole."
-- (Terry Pratchett, Wyrd Sisters)
More information about the Catalyst
mailing list