Trouble putting Javascript in an anchor tag
in [JavaScript]
|
Prev: iframes? something better?
Next: ISO 8601 date format
From: Sean Kinsey on 23 Apr 2010 12:31 On Apr 23, 6:04 pm, Thomas 'PointedEars' Lahn <PointedE...(a)web.de> wrote: > Sean Kinsey wrote: <snip> > > There has been stories about web spiders that have caused havoc > > because of this, > > Those spiders should then be blocked as they would be FUBAR if they existed. If they existed? Are you questioning the existence of spiders/ crawlers? > > > and unexpected behavior in applications due to some browser preloading > > url's that it 'think' the user might navigate to. > > If that applied here, one could not ever use the `location' property in Web > applications. You are confusing this with URI-type element attributes, and > it is doubtful whether those browsers should not be considered buggy as well > in that case. I am not confused at all; I was referring to the concept of using GET for operations with side effects, not whether they were accessed using 'location.href=foo' or using a standard anchor element. And by the way, whether those browsers are 'buggy' or not, has nothing to do with the issue. > > Stop spreading FUD. You got to be joking, should anyone really take a statement like that coming from you seriously? Come on... Stop rambling.
From: Jeremy J Starcher on 23 Apr 2010 12:35 On Fri, 23 Apr 2010 18:04:21 +0200, Thomas 'PointedEars' Lahn wrote: > Sean Kinsey wrote: > >> There has been stories about web spiders that have caused havoc because >> of this,[*] > > Those spiders should then be blocked as they would be FUBAR if they > existed. If I understanding the above usage of "this" correctly, referring back to spiders which have altered data by following links, there have been a number of cases about spiders following links with side effects and wiping out data. (This account is anonymousized) http://thedailywtf.com/Articles/The_Spider_of_Doom.aspx Things with side effects should be send POSTed. "The "get" method should be used when the form is idempotent (i.e., causes no side-effects). Many database searches have no visible side- effects and make ideal applications for the "get" method. If the service associated with the processing of a form causes side effects (for example, if the form modifies a database or subscription to a service), the "post" method should be used."[1] [1] http://www.w3.org/TR/html401/interact/forms.html#submit-format
From: Thomas 'PointedEars' Lahn on 23 Apr 2010 13:49 Jeremy J Starcher wrote: > Thomas 'PointedEars' Lahn wrote: >> Sean Kinsey wrote: >>> There has been stories about web spiders that have caused havoc because >>> of this,[*] >> Those spiders should then be blocked as they would be FUBAR if they >> existed. > > If I understanding the above usage of "this" correctly, referring back to > spiders which have altered data by following links, there have been a > number of cases about spiders following links with side effects and > wiping out data. So what? The solution for that is not to change your client-side code, but to lock those spiders out, if they even still exist. More simple, use only script includes for such code and prevent spiders from indexing them. And fix your server-side code jumping to conclusions such as: > http://thedailywtf.com/Articles/The_Spider_of_Doom.aspx Have you even read that article? If Googlebot does not use cookies (i.e. does not send them), it could not have been considered to have logged on and wreaking havoc with the CMS had the login test not been written as ridiculous as if ($cookieNotSet or $cookieSetToFalse) { // logged on } instead of the proper if ($cookieSet and $cookieSetToTrue) { // ... } > Things with side effects should be send POSTed. Yes, but for other reasons than suggested here. It's not borken spiders but crackers which should be guarded against. PointedEars -- var bugRiddenCrashPronePieceOfJunk = ( navigator.userAgent.indexOf('MSIE 5') != -1 && navigator.userAgent.indexOf('Mac') != -1 ) // Plone, register_function.js:16
From: Thomas 'PointedEars' Lahn on 23 Apr 2010 13:57 Sean Kinsey wrote: > Thomas 'PointedEars' Lahn wrote: >> Sean Kinsey wrote: >> > There has been stories about web spiders that have caused havoc >> > because of this, >> Those spiders should then be blocked as they would be FUBAR if they >> existed. > > If they existed? Are you questioning the existence of spiders/ > crawlers? I am questioning that spiders/crawlers this buggy would survive for a considerable time on the Web, and so yes, if they still exist. If they ever existed and were the actual reason for the failure (and not the buggy Web developer's code). >> > and unexpected behavior in applications due to some browser preloading >> > url's that it 'think' the user might navigate to. >> If that applied here, one could not ever use the `location' property in >> Web applications. You are confusing this with URI-type element >> attributes, and it is doubtful whether those browsers should not be >> considered buggy as well in that case. > > I am not confused at all; I was referring to the concept of using GET > for operations with side effects, not whether they were accessed using > 'location.href=foo' or using a standard anchor element. But that's the very point. A spider/crawler needs to support a minimum of ES/JS+DOM to recognize such redirections for what they are. Name one. > And by the way, whether those browsers are 'buggy' or not, has nothing > to do with the issue. Yes, it has. Those browsers would not survive on the Web as nobody would want to use them. PointedEars -- realism: HTML 4.01 Strict evangelism: XHTML 1.0 Strict madness: XHTML 1.1 as application/xhtml+xml -- Bjoern Hoehrmann
From: Thomas 'PointedEars' Lahn on 23 Apr 2010 14:03
Thomas 'PointedEars' Lahn wrote: > Jeremy J Starcher wrote: >> Things with side effects should be send POSTed. > > Yes, but for other reasons than suggested here. It's not borken spiders > but crackers which should be guarded against. .... and users hitting the Back button, of course. PointedEars -- Anyone who slaps a 'this page is best viewed with Browser X' label on a Web page appears to be yearning for the bad old days, before the Web, when you had very little chance of reading a document written on another computer, another word processor, or another network. -- Tim Berners-Lee |