Steve Bennett schrieb:
On 8/25/06, Rob Church robchur@gmail.com wrote:
You're correct, of course, but it doesn't mean we shouldn't be careful, too. :)
In any case we obviously wouldn't allow this for anon users
AFAIK, we don't allow uploads for anon users anyway...
, and presumably we would do something nasty to anyone who caused us to get a complaint like "Your user X deleted my website using GET requests!"
The only punishment severe enough for letting random IPs GET-delete stuff would be to flood that server with mote GET requests ;-)
Magnus