First, let me say that I really enjoyed the article. The following
discussion is actually something I've been thinking about posting here
for a while. Seeing it in print has only shown me that now is the time
to discuss it.
Anyway, Douglas wrote about forms (pg. 24):
Do not forget the attribute METHOD=POST, since use of METHOD=GET, the
default attribute, should be avoided, especially if a large amount of
data could potentially be submitted using the form.
The part about not using METHOD=GET if there is a large amount of data is
true but there is more to the story. The problem is that POST'ed forms
cannot be stuffed into hypertext links (!) making it a real pain to store
queries and the like. There is an alarming trend towards using METHOD=POST
where GET would be more appropriate. Also, decoding programs should allow
for either format. I've been seeing more and more systems that only accept
METHOD=POST, even on forms where METHOD=GET should really be used.
It is tremendously important that, in general, requests be storable in a
URL or else the WWW model will begin to break down. Users must be careful
in the way they use METHOD=POST and perhaps the whole issue needs to be
carefully re-examined. Or perhaps there needs to be an extended encoding
for form data in HTTP URLs such that POST'ed forms could be stored more
easily.
--sanders