Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
mkopinsky
on Oct 12, 2011
|
parent
|
context
|
favorite
| on:
Googlebot now makes POST requests via AJAX
Does it only do POSTs that are in the document's onload handler, or also things that are in onclick? I think that the latter could be dangerous
<a href="#" onclick="$.post(etc)">Delete</a>
faruken
on Oct 12, 2011
[–]
Why would you let an anonymous visitor to delete a data just by clicking a link?
waitwhat
on Oct 12, 2011
|
parent
[–]
The obvious example is a wiki.
mseebach
on Oct 12, 2011
|
root
|
parent
[–]
The implicit expected behaviour of clicking a link is that of a GET - i.e. not updating or deleting data. Delete actions should be a POST submit on a form.
waitwhat
on Oct 12, 2011
|
root
|
parent
[–]
In theory, theory and practice are the same. In practice, they are not.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
<a href="#" onclick="$.post(etc)">Delete</a>