HTTP Good Practise

Here’s one for the web perfectionists out there. The usual line with HTTP and web browsing is that requests are achieved through the GET verb, and data modifications are through POST.

All well and good, but how do you handle text links that trigger a data modification? For instance, a page might have a list of items in a table, with “Edit – Delete” as associated actions. Edit is simple, it might go to edit?id=…, but Delete is more tricky. Assuming that no interstital “Are you sure” page is necessary, how can you trigger a POST from that Delete link?

My current way of tackling this is to include a form at the base of the page, and use some Javascript to submit that form. For instance

<a href="javascript:deleteItem(123)">Delete</a>
<form action="" method="post" name="jsPost">
<input type="hidden" name="action" value="">
<input type="hidden" name="item" value="">
</form>
<script type="text/javascript">
function deleteItem(id) {
document.forms['jsPost'].action.value="delete";
document.forms['jsPost'].item.value=id;
document.forms['jsPost'].submit();
}
</script>

This works fine and while the HTTP behaviour is roughly correct (okay, so in a perfect world I’d use the DELETE verb….) the code does not work for people not using Javascript.

Any ideas for a better, but clean solution?

2 thoughts on “HTTP Good Practise”

  1. Two possible solutions:

    1. Style a regular form button to look like a link using CSS.

    2. The delete link links to a page that asks you “are you sure?” and has a “Yes” button that’s implemented as a regular form button. Then use unobtrusive JavaScript to hijack the link and cause it to do an Ajax POST request for JavaScript clients.

  2. Ditto to what Simon said, with one caveat. Using text links to perform actions is bad design. People have been trained to expect text links to take them places and buttons to perform actions. Ignoring this convention reduces usability.

    Also, don’t be tempted to cut out the intermediary page by replacing the normal link with a javascript: link. JavaScript support is not a yes/no question. Just because somebody has JavaScript switched on, it doesn’t mean that all the JavaScript you provide will be executed. If somebody goes to your page with JavaScript switched on, and you think it’s safe to supply them with a javascript: link, then things break when they do things like opening links in new tabs or windows. 99% of the time, when you catch yourself writing href=”javascript:…, you are making a mistake. Even when you assume everybody supports JavaScript.

Comments are closed.