[
Lists Home |
Date Index |
Thread Index
]
[Jeff Greif]
Just to take issue with this one specific point:
>
> 2. GET is not actually idempotent, owing to the nearly ubiquitous process
> of logging the request URI, including any attached query. This clearly
> modifies server state and sometimes causes security and/or privacy
concerns.
>
Logging the request does not change the state of the specific __resource__,
even though it does change the serve state. The side effects referred to by
idempotent/non-idempotent are, as I have understood it, about changes to the
resource itself. For example, if you GET data from a database, the database
contents that go into the response are not supposed to change, so that you
would get the same data back.
It can get a bit confusing, not because the log modifies serve state, but
because what is the "data", anyway? If I redesign the page but return the
same values from the database, is it just another representation of the same
"resource"? The intent is surely "yes", but it's always possible to argue
grey areas.
Cheers,
Tom P
|