On 7/13/01 1:43 PM, "Gerald Oskoboiny" <gerald@impressive.net> wrote:
This violates the HTTP protocol: visiting a URL (i.e., an HTTP GET) should not have side effects like confirming a subscription.
My first reaction was "say what?" but I went and read the w3 stuff before responding...
I realize that a number of other sites misuse GET this way, but I think most of the large ones (e.g., Yahoo, online brokerages and banks, etc.) get it right, and I think Mailman should too.
Because, frankly, I think w3 is wrong IN THIS CASE. That may make sense in a general case, especially on an HTTP only situation, but in this case, where the URL is being carried in e-mail to confirm an action the user has (presumably) started, I think they're wrong. As long as the e-mail clearly delineates the action being taken, do what's easy for the user; and the user isn't going to want to go clicking through multiple links just to allow us to abide to the HTTP stuff.
But the key is this is a finalization of a distributed transaction, with e-mail distributing the token. Under other circumstances, I see W3's logic. Here, however, using a URL to bring up a page that says "click here to confirm" is only going to piss off Joe User, not make his life better.
-- Chuq Von Rospach, Internet Gnome <http://www.chuqui.com> [<chuqui@plaidworks.com> = <me@chuqui.com> = <chuq@apple.com>] Yes, yes, I've finally finished my home page. Lucky you.
Some days you're the dog, some days you're the hydrant.