This post originated from an RSS feed registered with Ruby Buzz by Jeremy Voorhis. Original Post: Evil Robots Feed Title: JVoorhis Feed URL: http://feeds.feedburner.com/jvoorhis Feed Description: JVoorhis is a Rubyist in northeast Ohio. He rambles about Ruby on Rails, development practices, other frameworks such as Django, and on other days he is just full of snark. Latest Ruby Buzz Posts Latest Ruby Buzz Posts by Jeremy Voorhis Latest Posts From JVoorhis

According to DHH’s latest post on SVN, Google’s latest release of Google Web Accellerator will save your users more than 7.5 minutes if you’re not careful!

Now there is no way to distinguish the accelerator from a user, thus endangering any data on a server that is modifiable with a GET request (read: your typical link!). If you’re not familiar with the travesty that is Google Web Accelerator, it attempts to “pre-fetch” links on pages that a user visits. Have a list of delete links? GWS will systematically hose all of your user’s records.

This could spell disaster for applications that allow data to be altered with GET requests. Of course, if you’re a dilligent web developer, you won’t allow data to change without a POST request.