Why standards are important to follow
Citricsquid linked me to this awesome SO post (http://stackoverflow.com/questions/198462/get-versus-post-in-terms-of-security/202465#202465) where a user details that all his app’s data was being deleted randomly every few days.
They checked the logs and found that Google was spidering the site and GET’ting all the links, including the “Delete” and “Are you sure?” links.
The standard is to NEVER put any destructive actions under the HTTP verb “GET”. That’s what the POST, PUT, and DELETE verbs are for! USE THEM!
