Blogs
Welcome to blogs.conchango.com Sign in | Join | Help

Welcome to blogs.conchango.com

andyBlog [andy britcliffe]

My working life in an internet nutshell

Understand your verbs when creating actions in your web applications.

Recently, I've been doing a fair amount of reading around RESTFul web services and applications. Ruby on Rails has made it silly easy for you to create applications that offer a REST api out of the box. When dealing with a REST web service it is vitally important you understand the verbs of the HTTP protocol. Now I'm not going to delve into this deeply here (you can find a full description here), but I did want to raise the use of GET Vs POST when creating actions in your web applications.

Now in essence, GET is used to "fetch" a resource - be it a html page, a JavaScript file, an image etc. GET is often misused in web applications, you will often find that a button to, for example a "delete" action, is actually created in the html as an <a> tag. Now you may be wondering why this is an issue. Well the issue arises because the <a> tag, when clicked, makes a GET request to the server but actually actions a change of data on the server. This is what the POST verb was created for, to action changes to state on the server, most commonly changes to the state of data (edit/delete/etc).
This problem can cause strange issues with sites when tools, like a search engine crawler for example, follow a link that causes a GET request which alters state on the server. They can, in some extreme cases, cause security holes. This was highlighted by the Google Accelerator application, which caused numerous problems to websites that followed the above technique. If you use the correct verb POST for actions, this will be avoided.

Now one of the big reasons for using <a> tags for actions is that the <input> tag is extremely limited in terms of how you can style it, and in a lot of cases this was a show stopper for using <input> and alas using POST for the actions. Well hopefully this blocker can be removed as I've come across a great article at Particle Tree that covers this very topic and shows how using the <button> tag can transfer the way you style you action buttons, and it's certainly something I wasn't aware of.

I'd urge any developer/designer looking to build more RESTful applications to check this article out.
Published 13 June 2007 21:30 by Andrew.Britcliffe

Comments

No Comments
Anonymous comments are disabled

About Andrew.Britcliffe

Senior Technical Consultant.

This Blog

Syndication

News

Charity Checkout

View Andy Britcliffe's profile on LinkedIn
Locations of visitors to this page




Add to Live.com

Subscribe in NewsGator Online
EMC2, EMC, and where information lives are registered trademarks of EMC Corporation.
All other trademarks used herein are the property of their respective owners.                  
© Copyright 2009 EMC Corporation. All rights reserved.                                                    
Powered by Community Server (Personal Edition), by Telligent Systems