Chapter 7. Web Applications
In Web 2.0, many sites aren't just static pages anymore, or even static pages plus a few forms to fill out. They're full-blown applications for data entry, word processing, calendar management, human resources, games, and anything else you can imagine. In this chapter, we focus on issues that arise specifically when improving such web applications.
Replace Unsafe GET with POST
Redesign unsafe operations (anything that creates, changes, or deletes data on the server) so that they are requested with POST rather than GET. GET is defined as a safe method: browsers, prefetchers, proxies, and crawlers may issue it at will, so a GET that deletes something will sooner or later be triggered by a client that never meant to.
<a class="delete" href="article.php?action=delete&amp;id=1000517&amp;nonce=76a62"
   onclick="return deleteSomething('post', 1000517, 'You are about to delete this post &quot;POST vs. GET&quot;.\n&quot;OK&quot; to delete, &quot;Cancel&quot; to stop.');">Delete</a> ...