Posted by Tim Roberts on 01/16/07 18:51

Michael Fesser <netizen@gmx.de> wrote:
>
>.oO(Tim Roberts)
>
>>HOWEVER, just because one can, doesn't mean one should. Your basic advice
>>is correct: POST should almost always be used for forms, because the URLs
>>get too large.
>
>It's also a security issue. Using plain links to change or delete
>something on the server can become a problem or even a security risk.

I don't think that's really what you meant to say. There is no difference
in security between GET and POST. If there's something that is dangerous
as a GET, then it's dangerous as a POST.

>>Nope. That's not the problem. Another responder nailed it: you have to
>>tell the <textarea> that you want the newlines by saying <textarea
>>wrap="hard">.
>
>That's no HTML.

Of course it is. What would you call it?

>I've tested Opera, FF, IE and Lynx - all browsers send correct line
>breaks from a textarea, regardless of the used method (GET or POST).
>
>Using GET and a simple
>
>| test1
>| test2
>|
>| test3
>
>the line breaks are sent as URL-encoded "\r\n":
>
>...&textfield=test1%0D%0Atest2%0D%0A%0D%0Atest3&...

Try entering this:

This is a very long line that exceeds the width of the text area without
having any hard carriage returns at all.

With a plain <textarea>, you'll get no separators. With wrap="hard",
you'll get line breaks wherever the user saw them in the <textarea>.
--
Tim Roberts, timr@probo.com
Providenza & Boekelheide, Inc.

[Back to original message]