Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:58043 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 68689 invoked from network); 24 Feb 2012 22:48:13 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 24 Feb 2012 22:48:13 -0000 Authentication-Results: pb1.pair.com header.from=ronabop@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=ronabop@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.170 as permitted sender) X-PHP-List-Original-Sender: ronabop@gmail.com X-Host-Fingerprint: 74.125.82.170 mail-we0-f170.google.com Received: from [74.125.82.170] ([74.125.82.170:51063] helo=mail-we0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id C9/61-17132-BA3184F4 for ; Fri, 24 Feb 2012 17:48:12 -0500 Received: by werm1 with SMTP id m1so2073974wer.29 for ; Fri, 24 Feb 2012 14:48:09 -0800 (PST) Received-SPF: pass (google.com: domain of ronabop@gmail.com designates 10.180.101.37 as permitted sender) client-ip=10.180.101.37; Authentication-Results: mr.google.com; spf=pass (google.com: domain of ronabop@gmail.com designates 10.180.101.37 as permitted sender) smtp.mail=ronabop@gmail.com; dkim=pass header.i=ronabop@gmail.com Received: from mr.google.com ([10.180.101.37]) by 10.180.101.37 with SMTP id fd5mr10781113wib.1.1330123689006 (num_hops = 1); Fri, 24 Feb 2012 14:48:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=fK3/WkJr9CIODDe50YYhoOawj0H/MQimPo9a00f/umI=; b=REaL27K0McdAmpOtWN/CDv9jyZ241rB+uAKqmM39OiM+u1VOgBTr+XM+kkBjzhjQ38 qutDX+XH/zW9/UiVt65VPP50GAvd/vPWzolNHc1LjfXp+HSYaNRF8f9iZSkdjLeMeMWb u1LPs9pvV4CH7cOeYZ33E+/+Hjyufp7ZpIMqU= MIME-Version: 1.0 Received: by 10.180.101.37 with SMTP id fd5mr8582237wib.1.1330123688954; Fri, 24 Feb 2012 14:48:08 -0800 (PST) Received: by 10.216.155.72 with HTTP; Fri, 24 Feb 2012 14:48:08 -0800 (PST) In-Reply-To: <4F4811E6.4050201@garfieldtech.com> References: <8D8E9A0839FE464FBBDF2B499DAFA596@gmail.com> <88ad33db205558862288b3114ef4c391.squirrel@www.l-i-e.com> <4F480C5B.30606@garfieldtech.com> <96462fbc4e243e75b11b455624ac4140.squirrel@www.l-i-e.com> <4F4811E6.4050201@garfieldtech.com> Date: Fri, 24 Feb 2012 14:48:08 -0800 Message-ID: To: Larry Garfield Cc: internals@lists.php.net Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: [PHP-DEV] $_PARAMETERS Super Global Object From: ronabop@gmail.com (Ronald Chmara) On Fri, Feb 24, 2012 at 2:40 PM, Larry Garfield wr= ote: >> To me, it's just a request for some content, and in a REST API that's >> read-only, I just don't care if the consumer sends their request as >> GET or POST. =A0I'll cheerfully give them what they wanted. > Except that per HTTP, GET and POST are completely different operations. = =A0One > is idempotent and cacheable, the other is not idempotent and not cacheabl= e. > =A0I very much care which someone is using. People exploiting security would *never* think of caching/replaying/modifying a POST request, that's just totally unimaginable! It would take, like HUGE computational effort to like, cURL it or just type it out! er, no. -Ronabop