For several years, the canonical example of applications causing unsafe
GETs were emails with confirmation links, as in an email that says "click
here to confirm your magazine subscription." Although this is clearly a
violation [1] of Web architecture and in particular the HTTP specification
[2], one could argue that in practice damage was limited by the fact that
offending links occurred in emails, that most of those emails would be
unlikely to be managed by the sorts of tools that would aggressively
prefetch the links (though some email readers do this when preparing to go
into "travel mode"), I think.
Anyway, it seems the trouble is getting worse. I just noticed the Twit
[3] from JetBlue. It says:
"Wisdom of crowds time
What's your favorite JetBlue
snack
http://tr.im/jbsnacks: Blue Chips (1) or Munchies
Mix (2) ?
http://tinyurl.com/d4gjww"
It's not 100% clear that votes are being tallied based on the link you
click, but it seems implicit in the "wisdom of crowds" leadin. I suppose
that if the Google crawler finds this particular Twit, it will cast one
vote for each snack, and move on.
Noah
[1]
http://www.w3.org/2001/tag/doc/whenToUseGet.html#safe[2]
http://www.ietf.org/rfc/rfc2616.txt[3]
http://twitter.com/JetBlue/statuses/2178983316--------------------------------------
Noah Mendelsohn
IBM Corporation
One Rogers Street
Cambridge, MA 02142
1-617-693-4036
--------------------------------------
