This is why JSF’s “everything-is-a-POST” approach is bad, but first let me give a bit of background information. I’m a Harry Potter fan. I like the books. I like the occasional conversation. I ususally keep my enthusiasm centered around new arrivals of a book or movie. A while back, my mom and I were talking Harry Potter. She tried to send me a few links. Here’s what I got:

Hi guys,

Here are a couple of links you might like:

Video stream of Radio City Music Hall reading:

Here’s a quick rundown of the above interview. You have to scroll down to “Coverage:Harry Carrie and Garp” There are some additional links to fan reaction toward the end of the article.

transcript of Richard and Judy interview:

Have fun, loveya, mom

Notice the last two links. They’re identical, and they clearly have no information about which particular search results should appear in them. They’re entirely dependent upon the state of the current session of the user. Yet they have interesting content that my mom wants to share with me.

With most other sites (including the first link in the email), you can simply cut-n-paste the URL and send something meaninful to a friend. Lots of people know this. But when you hide your search behind a POST, you break that tacit understanding between the user and the Big Web World. You violate a social moré. This isn’t just a problem with JSF (though their assertion that everything’s a POST is darn annoying) — even my example is from a PHP site.

Please stop breaking the web. Always use GET for your search options, and reserve POST for what it should be for: operations with such side effects that the user agent should prevent accidental replay of the request.

comments powered by Disqus