Opened 17 years ago

Closed 16 years ago

#40 closed defect (fixed)

Power on/off and other dangerous stuff should be POST, not GET

Reported by: geofft Owned by: ecprice
Priority: minor Milestone:
Component: web Version:
Keywords: Cc:

Description

Commands such as https://sipb-xen-dev.mit.edu/command?back=info&machine_id=179&action=Power+off&cdrom= should really use POST, not GET, because clients warn on resubmitting POSTDATA but not GET requests, and I wouldn't want my VM to be powered off just because I clicked Back to get to the info page and the URL actually said action=Power+off.

http://www.w3.org/2001/tag/doc/whenToUseGet.html

Change History (1)

comment:1 Changed 16 years ago by ecprice

  • Resolution set to fixed
  • Status changed from new to closed

Fixed in r301.

Note: See TracTickets for help on using tickets.