HTTP GET versus POST controversy in light of Google Web Accelerator fiasco and How Google can solve it

Some people have started preaching/scolding the web developers for using HTTP GET in non-idempotent manner. In other words GET is often used to change the state of the system, when it shouldn’t be. And when it does, Google Web Accelerator does all unmentionable things to the web application like pre-fetching delete links, creating new records etc.

This is a classic dilemma.

On one hand you have web developers who prefer using GET for “doing something”, instead of POST because:

• GET is easy to use. Just have a hyperlink and you are making a GET call.
• POST is harder. You need to create a FORM to post.
• POST queries are normally made with an ugly button (pressing enter doesn’t work for textarea). Web developers are rather sensitive to look-and-feel.

On the other hand there are preacher’s and upholder’s of standards which were incomplete in the first place.

At this point I would like to mention someone who raised the possibility of detonating even an A-Bomb due to pre-fetching! That is blowing a simple issue way out of proportion. Any web application handling secure data must go through https and they do.