Faking a post variable......is it possible?
Moderator: General Moderators
-
alex.barylski
- DevNet Evangelist
- Posts: 6267
- Joined: Tue Dec 21, 2004 5:00 pm
- Location: Winnipeg
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
I think that hits the nail right on the head. Design your app to "just work" no matter what the user does, or how they choose to interact with it.Maugrim_The_Reaper wrote:To be honest your application should not care how a user chooses to send input. So long as it filtered effectively they can fake all the POST requests they want... As a quick rule - if a URI on your app does not expect any POST data, then your input filter should simply discard any such data immediately.
I think I can see what you might have been getting at though... in a situation where you're following a front controller pattern and all requests come through the same page, POST data may have a nagtaive impact on certain parts of your app.... but that's only if you're not filtering your input through something like the input filter posted earlier.... there are loads of takes on how to do this filtering too.