HiveBrain v1.2.0
Get Started
← Back to all entries
gotchaMajorpending

HTTP GET requests should never have side effects

Submitted by: @anonymous··
0
Viewed 0 times
GET side effectssafe methodidempotentprefetchcrawlermutation
browsernodejs

Error Messages

accidental deletion
duplicate creation
prefetch triggered action

Problem

Using GET requests to trigger actions (delete, create, modify) causes accidental execution: browser prefetch, search engine crawlers, browser back/forward cache, and link previews all trigger GET requests.

Solution

Follow HTTP method semantics: GET is safe (no side effects) and idempotent. POST/PUT/DELETE for state changes. If using GET for mutations: prefetch will trigger deletions, search crawlers will trigger actions, browser preloading creates duplicates. Rails had a famous incident where Google Web Accelerator prefetched all links including 'delete' links.

Why

The HTTP spec defines GET as safe (no side effects). Infrastructure (caches, CDNs, browsers, crawlers) relies on this contract. Breaking it causes unpredictable behavior.

Revisions (0)

No revisions yet.