Ticket #362 (closed defect: invalid)

Opened 4 years ago

Last modified 3 years ago

Ratings should not be created with a GET

Reported by: dread Owned by: dread
Priority: awaiting triage Milestone:
Component: ckan Keywords:
Cc: Repository: ckan
Theme: none

Description

Background

In the Web UI, when you rate a package it simply links to something like:

http://ckan.net/package/rate/mke-liquor-licenses?rating=3

This creates a GET request.

This is bad because:

  • Search engine crawlers follow links to find pages, and in this case end up creating a rating (although we've got a robots.txt to try and avoid this)
  • There are occasions when we want to make a CKAN instance read-only, so we put a <LimitExcept? GET> Apache instruction in. But the database may still get written for these ratings.
  • Best practise for web requests is for GET to be a read-only request.

Change History

comment:1 Changed 4 years ago by rgrp

  • Owner set to dread
  • Priority changed from awaiting triage to critical
  • Milestone set to ckan v1.3

comment:2 Changed 3 years ago by rgrp

  • Priority changed from critical to awaiting triage
  • Milestone ckan-v1.3 deleted

Rating are currently disabled (invisible) so moving this down.

comment:3 Changed 3 years ago by thejimmyg

  • Repository set to ckan
  • Status changed from new to closed
  • Theme set to none
  • Resolution set to invalid

This ticket is more than 6 months old so marking as invalid in line with out ticketing policy.

Note: See TracTickets for help on using tickets.