[wp-trac] Re: [WordPress Trac] #8726: cron implementation uses POST
method instead of GET method
WordPress Trac
wp-trac at lists.automattic.com
Thu Jan 15 22:11:24 GMT 2009
#8726: cron implementation uses POST method instead of GET method
-------------------------------------------------------+--------------------
Reporter: patpro | Owner: anonymous
Type: defect (bug) | Status: new
Priority: normal | Milestone:
Component: Administration | Version: 2.7
Severity: major | Resolution:
Keywords: has-patch commit 2nd-opinion dev-feedback |
-------------------------------------------------------+--------------------
Changes (by Sam_a):
* keywords: has-patch commit => has-patch commit 2nd-opinion dev-
feedback
Comment:
I think the current behavior may be correct.
The HTTP specs say GET requests retrieve a resource without side-effects,
whereas POST requests take actions that can have side effects (including
permanent changes).
[http://www.w3.org/2001/tag/doc/whenToUseGet.html#checklist URIs,
Addressability, and the use of HTTP GET and POST]
1.3 Quick Checklist for Choosing HTTP GET or POST
* Use GET if:
o The interaction is more like a question (i.e., it is a safe
operation such as a query, read operation, or lookup).
* Use POST if:
o The interaction is more like an order, or
o The interaction changes the state of the resource in a way
that the user would perceive (e.g., a subscription to a service), or
o The user be held accountable for the results of the
interaction.
If it's important that WordPress be able to send credentials for cron
requests, we could probably add a filter to do that -- the WP_Http_Request
class can do HTTP authentication.
But I don't understand how switching from POST to GET would be a fix,
because any credentials WordPress can (or can't) provide via POST, the
same is true for GET.
--
Ticket URL: <http://trac.wordpress.org/ticket/8726#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list