GET method should be Safe ( and Idempotent). The implementation is not respecting the RFC 2616.
The RFC says at the point 9.1.1 that: "Naturally, it is not possible to ensure that the server does not generate side-effects as a result of performing a GET request; in fact, some dynamic resources consider that a feature. The important distinction here is that the user did not request the effects, so therefore cannot be held accountable for them."
The RFC says at the point 9.1.1 that: "Naturally, it is not possible to ensure that the server does not generate side-effects as a result of performing a GET request; in fact, some dynamic resources consider that a feature. The important distinction here is that the user did not request the effects, so therefore cannot be held accountable for them."