[
Lists Home |
Date Index |
Thread Index
]
Ramin Firoozye wrote:
>
> Actually, even if you do a GET to the database, if it goes through an
> intermediary function (like a servlet) it will end up changing the resource.
How does going through a servlet change the resource state?
>...
> Almost any application-based web-site uses GET to invoke backing code, be it
> CGI-BIN, Servlet, JSP, ASP, CML, etc. And *that* code has lots of
> side-effects in both modifying state and invoking code that modifies state.
That code CAN have side effects. It is not REQUIRED to have side
effects. And never-the-less, the HTTP specification does NOT deal with
side-effects. It is more subtle than that. Look at RFC 2616 yourself:
In particular, the convention has been established that the GET and
HEAD methods SHOULD NOT have the significance of taking an action
other than retrieval. These methods ought to be considered "safe".
This allows user agents to represent other methods, such as POST,
PUT
and DELETE, in a special way, so that the user is made aware of the
fact that a possibly unsafe action is being requested.
Naturally, it is not possible to ensure that the server does not
generate side-effects as a result of performing a GET request; in
fact, some dynamic resources consider that a feature. The important
distinction here is that the user did not request the side-effects,
so therefore cannot be held accountable for them.
> The original intent behind the idempotence of GET made sense when resources
> were limited to documents. But in an application-based environment, GET and
> PUT have become shorthands for 'short' vs. 'long' CALL frames, where
> GET-based requests are limited to URL size and PUT is not.
I think you mean "POST", not "PUT". Even so amended, I disagree. Good
web system designers know that in order to make a resource something
that can be linked to or bookmarked, they must use GET. For instance any
online discussion forum (e.g. slashdot) serves up discussion pages
through GET, not POST. Similarly, most online catalogs use individual
GET-table URIs for each item, even though the pages are dynamically
generated from a database.
Paul Prescod
|
