[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Malicious documents? (WAS: Interesting mailing list & a ra
--- Miles Sabin <miles@m...> wrote: > Interestingly, the RESTian push for GET over POST for web services is > likely to make exploits of this sort easier. That's not a criticism of > REST per se, but it suggests that RESTians probably have a duty to > think about the security implications of GET vs POST. The HTTP spec describes some of the security implications of method selection.[1][2] No REST advocate I've encountered has advocated using GET for actions that are not safe. What sort of additional implications were you thinking about? Jim [1] - http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.1 [2] - http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html#sec15.1.3 ===== Jim Ancona jim@a... jancona@x... __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|