Also why a GET request should never delete, or possibly even modify, data.

landhar · on Oct 12, 2011

JonoW · on Oct 12, 2011

For sure. Combine the 2 mistakes and you're pretty fucked

on Oct 12, 2011

[deleted]

JonnieCache · on Oct 12, 2011

>Why should a GET never modify data?

Because that's what the HTTP spec says. Wander off-spec, and you will eventually have problems, like the unfortunate gov department in the article.

Relatedly, idempotency is a too-poorly understood concept.

pavel_lishin · on Oct 12, 2011

> That would stop half the web working.

What do you mean?

loup-vaillant · on Oct 12, 2011

Probably that half the web rely on GET requests to do things they are totally not intended to do, like, deleting a resource.

Therefore, if you suddenly find a way to actually forbid GET to ever trigger that, then that half wouldn't work "properly" any more.