Comments on: REST Mistake #1: Confirming GETs

By: spyware removal software

spyware removal software — Thu, 31 May 2007 20:45:39 +0000

spyware removal software

Features of spyware removal software.

By: bÃ¶rsenspiel

bÃ¶rsenspiel — Mon, 07 May 2007 22:19:35 +0000

technically it is within a clientâ€™s right to pre-fetch any URLs they desire. But in an email client that seems irresponsible, when some of those URLs might be:Click here to confirm for my spam list that your email address is valid!

By: toscana

toscana — Mon, 16 Apr 2007 04:46:15 +0000

E grande io ha trovato il vostro luogo! Le info importanti ottenute! ))

By: Test

Test — Fri, 30 Mar 2007 05:29:15 +0000

Hi all!

G’night

By: BillSaysThis

BillSaysThis — Sat, 15 Apr 2006 18:33:38 +0000

Both the GET and POST versions seem to require two clicks to me. One in the email to load the confirm page and one to dismiss the page; after all, even assuming a multi-tab capable browser not many of us are likely to leave the tab open. Further, why would you have separate Verify and Go to button/links in the POST version rather than Confirm (and Not Me) buttons which load the next page/close the tab after submission?

By: marten.gustafson » links for 2006-03-21

marten.gustafson » links for 2006-03-21 — Tue, 21 Mar 2006 22:20:54 +0000

[...] REST Mistake #1: Confirming GETs (tags: rest) [...]

By: bloglips - douglips blog

bloglips - douglips blog — Tue, 21 Mar 2006 21:06:15 +0000

Confirming GETs Considered Harmful?

Now, technically it is within a client’s right to pre-fetch any URLs they desire. But in an email client that seems irresponsible, when some of those URLs might be:Click here to confirm for my spam list that your email address is valid! (Note, this is…

By: Elliotte Rusty Harold

Elliotte Rusty Harold — Tue, 21 Mar 2006 15:14:09 +0000

That has several problems. First, from a theoretical standpoint I’m not sure that running the confirming script automatically on the client in response to a GET is any different than running a script automatically on the server.

Second, from a user interface perspective, the user expects to be able to click on a basic link without confirming or committing to anything.

Third, practically, I’m not at all sure that Google (and other robots) won’t run JavaScript in the future. They’re already making efforts to process the HTML more as a real browser like Firefox would in order to identify the more and less important content on the page.

By: Avery Regier

Avery Regier — Mon, 20 Mar 2006 14:34:47 +0000

Use javascript on the page you get by the GET call from the mail message to automatically submit the form which then confirms the message. Unless JavaScript is turned off, this will be one click. If JavaScript is turned off or the browser somehow prevents it, it is two. Google’s spidering won’t run the JavaScript, so it is safe there.