0

This is a best practice question I'm struggling with for a while now.

From a page with search results (accounts that need to be approved), I want to navigate to a page (GET-request) with the id of the account in the querystring, the controller immediately approves the account and returns a view to show the user that the account is succesfully approved.

In all examples I find on the internet, the GET-request is used to get data to show the user and the POST-request is used to modify data. I really like to know if this is bad practice and why I should, or should not to this.

markbeij
  • 131
  • 1
  • 10

1 Answers1

0

Changing state using HTTP GET can be very harmful. Take for instance a crawler or search engine following the links and modifying data everytime it comes around.

For more reasons see Why shouldn't data be modified on an HTTP GET request?

Community
  • 1
  • 1
Dennis Traub
  • 50,557
  • 7
  • 93
  • 108
  • Thank you, this gives me some insight. As the GET request I'm talking about is for authorized users only, so some arguments are less relevant, I'm now convinced it's better to send POST request to alter data. In all my POST methods I receive a model, but now that I think off it, I don't see any reason to just receive a Guid for the account and go from there. – markbeij Jul 13 '13 at 09:40