> But isn't it dangerous? How does it know you re not preloading the "please delete everything" link?
As a sibling comment points out, if it's possible for someone to delete everything via a link, your users have already lost. Someone could, e.g., trick your users into loading an IMG tag or an IFRAME pointing to that page, or give them a shortened URL that redirects to your "delete everything" page.
As a sibling comment points out, if it's possible for someone to delete everything via a link, your users have already lost. Someone could, e.g., trick your users into loading an IMG tag or an IFRAME pointing to that page, or give them a shortened URL that redirects to your "delete everything" page.
GET requests should never have side effects.