Is there a good reason why I shouldn't be mixing POST and GET parameters in a CGI query?

Question

Is there a good reason why I shouldn't be mixing POST and GET?

For example:

<form action="http://example.com/?param1=foo&amp;param2=bar" method="post">

Answer 1

• As noted by comments to your question, CGI.pm is OK

• CGI::Simple is OK

• EmbPerl's %fdat is OK

• Everything else, you need to read documentation or just test.

The important question is why do you care about "most CGI libraries"? You should pick the library you are going to use and ask that question about that library.

Answer 2

There is a good reason to do this, at least with CGI.pm:

It's important to use the url (whether cgi parameters or path info) to provide some context for things like file uploads, where the $POST_MAX may be exceeded and all the post data be thrown away. Only if the server knows what the attempted post was can it give a good error message. (You could use HTTP_REFERER to guess, but I hate to ever depend on that.)