In reading the Rails book (pragmatic), I noticed that most methods in the controllers were doing the following check: "if request.get?" If it was a GET request, a blank object is usually returned, otherwise, some logic occurs. I understand why GET requests are not appropriate when doing modifications to data, however, is this implementation a smart way to do the check ? It seems a bit redundant, and was wondering if anybody had any insight into this. Thanks ! _______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails
Here are some examples: google, yahoo, etc, bots index your website. Upon doing so, they modify your data through all the GET requests. people bookmark your site on a page with a GET request that modifies data. there''s some kind of fancy word for this, but generally, you never want a GET request to modify your data. hope that helped, jin On 11/3/05, Dylan Stamat <dylans-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > In reading the Rails book (pragmatic), I noticed that most methods in the > controllers were doing the following check: > "if request.get?" > > If it was a GET request, a blank object is usually returned, otherwise, > some logic occurs. > I understand why GET requests are not appropriate when doing modifications > to data, however, is this implementation a smart way to do the check ? > > It seems a bit redundant, and was wondering if anybody had any insight > into this. > Thanks ! > > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails > > >_______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails
thanks Jin, that makes sense. so, is the best practice to do a request.get? check on each method that may modify data ? On 11/3/05, Jin Lee <jinslee-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> > Here are some examples: > > google, yahoo, etc, bots index your website. Upon doing so, they modify > your data through all the GET requests. > people bookmark your site on a page with a GET request that modifies data. > > there''s some kind of fancy word for this, but generally, you never want a > GET request to modify your data. > > hope that helped, > jin > > On 11/3/05, Dylan Stamat <dylans-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > > In reading the Rails book (pragmatic), I noticed that most methods in > > the controllers were doing the following check: > > "if request.get?" > > > > If it was a GET request, a blank object is usually returned, otherwise, > > some logic occurs. > > I understand why GET requests are not appropriate when doing > > modifications to data, however, is this implementation a smart way to do the > > check ? > > > > It seems a bit redundant, and was wondering if anybody had any insight > > into this. > > Thanks ! > > > > _______________________________________________ > > Rails mailing list > > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > > http://lists.rubyonrails.org/mailman/listinfo/rails > > > > > > > > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails > > >_______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails
I''m not sure what the consensus is, but I typically do stuff like this:
if request.post?
# do the create/update/whatever
end
- Jamie
On Thu, 2005-03-11 at 16:48 -0800, Dylan Stamat wrote:> thanks Jin, that makes sense. so, is the best practice to do a
> request.get? check on each method that may modify data ?
>
>
>
> On 11/3/05, Jin Lee <jinslee-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:
> Here are some examples:
>
> google, yahoo, etc, bots index your website. Upon doing so,
> they modify your data through all the GET requests.
> people bookmark your site on a page with a GET request that
> modifies data.
>
> there''s some kind of fancy word for this, but generally,
you
> never want a GET request to modify your data.
>
> hope that helped,
> jin
>
> On 11/3/05, Dylan Stamat
<dylans-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
> In reading the Rails book (pragmatic), I noticed that
> most methods in the controllers were doing the
> following check:
> "if request.get?"
>
> If it was a GET request, a blank object is usually
> returned, otherwise, some logic occurs.
> I understand why GET requests are not appropriate when
> doing modifications to data, however, is this
> implementation a smart way to do the check ?
>
> It seems a bit redundant, and was wondering if anybody
> had any insight into this.
> Thanks !
>
>
> _______________________________________________
> Rails mailing list
> Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>
>
>
>
> _______________________________________________
> Rails mailing list
> Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>
>
>
> _______________________________________________
> Rails mailing list
> Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
Cool... Thanks Jamie. I like that approach. The Rails guys do the following... but I noticed in some their examples that they don''t really need the default object (at least I think). if request.get? @default = Default.new else # do the create/update/whatever end Thanks for the explanation... helps much ! On 11/3/05, Jamie Macey <jamie-7g3wz9A/6AxWk0Htik3J/w@public.gmane.org> wrote:> > I''m not sure what the consensus is, but I typically do stuff like this: > > if request.post? > # do the create/update/whatever > end > > - Jamie > > On Thu, 2005-03-11 at 16:48 -0800, Dylan Stamat wrote: > > thanks Jin, that makes sense. so, is the best practice to do a > > request.get? check on each method that may modify data ? > > > > > > > > On 11/3/05, Jin Lee <jinslee-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > Here are some examples: > > > > google, yahoo, etc, bots index your website. Upon doing so, > > they modify your data through all the GET requests. > > people bookmark your site on a page with a GET request that > > modifies data. > > > > there''s some kind of fancy word for this, but generally, you > > never want a GET request to modify your data. > > > > hope that helped, > > jin > > > > On 11/3/05, Dylan Stamat <dylans-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote: > > In reading the Rails book (pragmatic), I noticed that > > most methods in the controllers were doing the > > following check: > > "if request.get?" > > > > If it was a GET request, a blank object is usually > > returned, otherwise, some logic occurs. > > I understand why GET requests are not appropriate when > > doing modifications to data, however, is this > > implementation a smart way to do the check ? > > > > It seems a bit redundant, and was wondering if anybody > > had any insight into this. > > Thanks ! > > > > > > _______________________________________________ > > Rails mailing list > > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > > http://lists.rubyonrails.org/mailman/listinfo/rails > > > > > > > > > > _______________________________________________ > > Rails mailing list > > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > > http://lists.rubyonrails.org/mailman/listinfo/rails > > > > > > > > _______________________________________________ > > Rails mailing list > > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > > http://lists.rubyonrails.org/mailman/listinfo/rails > > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails >_______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails
On Nov 3, 2005, at 2:55 PM, Dylan Stamat wrote:> In reading the Rails book (pragmatic), I noticed that most methods > in the controllers were doing the following check: > "if request.get?" > > If it was a GET request, a blank object is usually returned, > otherwise, some logic occurs. > I understand why GET requests are not appropriate when doing > modifications to data, however, is this implementation a smart way > to do the check ?Yes. Because it''s possible that the net breaks in the meantime, so you need to double check that you know, you actually got something. -- _Deirdre http://deirdre.net
Gotcha. Thanks for the help everyone, and Deirdre, that''s a classic picture of you at the pub ! :) On 11/3/05, Deirdre Saoirse Moen <deirdre-mzk6fgDMp2XR7s880joybQ@public.gmane.org> wrote:> > > On Nov 3, 2005, at 2:55 PM, Dylan Stamat wrote: > > > In reading the Rails book (pragmatic), I noticed that most methods > > in the controllers were doing the following check: > > "if request.get?" > > > > If it was a GET request, a blank object is usually returned, > > otherwise, some logic occurs. > > I understand why GET requests are not appropriate when doing > > modifications to data, however, is this implementation a smart way > > to do the check ? > > Yes. > > Because it''s possible that the net breaks in the meantime, so you > need to double check that you know, you actually got something. > > -- > _Deirdre http://deirdre.net > > > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails >_______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails
Hi,
just wanted to point out that you might as well use verify :method post
as shown in the ''How Rails is prepared for GWA II: Vengeance''
blog by DHH:
|class WeblogController < ActionController::Base
verify :method => :post, :only => %w( delete update )
def delete
# a GET request will never gain access to me
end
||end|
|
Regards
Jan Prill
|
Dylan Stamat wrote:
> Gotcha. Thanks for the help everyone, and Deirdre, that''s a
classic
> picture of you at the pub !
> :)
>
>
> On 11/3/05, *Deirdre Saoirse Moen*
<deirdre-mzk6fgDMp2XR7s880joybQ@public.gmane.org
> <mailto:deirdre-mzk6fgDMp2XR7s880joybQ@public.gmane.org>> wrote:
>
>
> On Nov 3, 2005, at 2:55 PM, Dylan Stamat wrote:
>
> > In reading the Rails book (pragmatic), I noticed that most methods
> > in the controllers were doing the following check:
> > "if request.get?"
> >
> > If it was a GET request, a blank object is usually returned,
> > otherwise, some logic occurs.
> > I understand why GET requests are not appropriate when doing
> > modifications to data, however, is this implementation a smart way
> > to do the check ?
>
> Yes.
>
> Because it''s possible that the net breaks in the meantime, so
you
> need to double check that you know, you actually got something.
>
> --
> _Deirdre
> http://deirdre.net
>
>
> _______________________________________________
> Rails mailing list
> Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org
<mailto:Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org>
> http://lists.rubyonrails.org/mailman/listinfo/rails
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Rails mailing list
>Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org
>http://lists.rubyonrails.org/mailman/listinfo/rails
>
>
Brilliant ! Thanks Jan ! On 11/3/05, Jan Prill <JanPrill-sTn/vYlS8ieELgA04lAiVw@public.gmane.org> wrote:> > Hi, > > just wanted to point out that you might as well use verify :method post > as shown in the ''How Rails is prepared for GWA II: Vengeance'' blog by DHH: > > |class WeblogController < ActionController::Base > verify :method => :post, :only => %w( delete update ) > > def delete > # a GET request will never gain access to me > end > ||end| > | > Regards > Jan Prill > > | > > > > Dylan Stamat wrote: > > > Gotcha. Thanks for the help everyone, and Deirdre, that''s a classic > > picture of you at the pub ! > > :) > > > > > > On 11/3/05, *Deirdre Saoirse Moen* <deirdre-mzk6fgDMp2XR7s880joybQ@public.gmane.org > > <mailto:deirdre-mzk6fgDMp2XR7s880joybQ@public.gmane.org>> wrote: > > > > > > On Nov 3, 2005, at 2:55 PM, Dylan Stamat wrote: > > > > > In reading the Rails book (pragmatic), I noticed that most methods > > > in the controllers were doing the following check: > > > "if request.get?" > > > > > > If it was a GET request, a blank object is usually returned, > > > otherwise, some logic occurs. > > > I understand why GET requests are not appropriate when doing > > > modifications to data, however, is this implementation a smart way > > > to do the check ? > > > > Yes. > > > > Because it''s possible that the net breaks in the meantime, so you > > need to double check that you know, you actually got something. > > > > -- > > _Deirdre > > http://deirdre.net > > > > > > _______________________________________________ > > Rails mailing list > > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org <mailto:Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org> > > http://lists.rubyonrails.org/mailman/listinfo/rails > > > > > >------------------------------------------------------------------------ > > > >_______________________________________________ > >Rails mailing list > >Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > >http://lists.rubyonrails.org/mailman/listinfo/rails > > > > > > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails >_______________________________________________ Rails mailing list Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org http://lists.rubyonrails.org/mailman/listinfo/rails