[Mailman-Developers] Re: [Mailman-Users] [ANNOUNCE] Mailman 2.1 alpha 2

Gerald Oskoboiny gerald@impressive.net
Fri, 13 Jul 2001 16:43:59 -0400

On Fri, Jul 13, 2001 at 04:15:20PM -0400, Barry A. Warsaw wrote:
> This the official announcement for Mailman 2.1 alpha 2. [...]

> To view the on-line documentation, see
>     http://www.list.org/MM21/index.html

> 2.1 alpha 2 (11-Jul-2001)

[ lots of extremely cool stuff deleted ]

>         o Subscription confirmations can now be performed via email or
>           via URL.  When a subscription is received, a unique (sha)
>           confirm URL is generated in the confirmation message.
>           Simply visiting this URL completes the subscription process.

This violates the HTTP protocol: visiting a URL (i.e., an HTTP GET) 
should not have side effects like confirming a subscription.

A few months ago I sent mail to mailman-developers with a suggestion for
how to implement this in a compliant way without hindering usability:


I realize that a number of other sites misuse GET this way, but I
think most of the large ones (e.g., Yahoo, online brokerages and
banks, etc.) get it right, and I think Mailman should too.

Further reading on GET vs POST:

    Forms: GET and POST

    Axioms of Web architecture: Identity, State and GET

    HTTP 1.1 section 9.1: Safe and Idempotent Methods

    HTML 4.01 section 17.13: Form submission

Gerald Oskoboiny <gerald@impressive.net>