W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2010

Re: User interface requirements for redirecting to unsafe methods

From: Adam Barth <w3c@adambarth.com>
Date: Sun, 14 Feb 2010 10:08:48 -0800
Message-ID: <5c4444771002141008t50c2f78eud8fcbd8a64654d14@mail.gmail.com>
To: Maciej Stachowiak <mjs@apple.com>
Cc: Julian Reschke <julian.reschke@gmx.de>, HTTP Working Group <ietf-http-wg@w3.org>
I agree that it doesn't make sense for a wire-level protocol to impose
MUST requirements on the user interface of user agents.

On Fri, Feb 12, 2010 at 3:11 AM, Maciej Stachowiak <mjs@apple.com> wrote:
> 7) The requirements do not make sense for client software that uses HTTP
> networking as part of its implementation, but this is largely hidden from
> the user. For example, let's say a program uses a SOAP API to implement part
> of an application feature that is not obviously Web- or network-related.
> Prompting the user about a redirect in such a case would be nonsensical,
> since the user is not even aware that he or she is using an HTTP user agent.

To give a concrete example here, imagine a in-dash navigation unit in
a car that uses HTTP to interact with a real-time traffic service.  If
the navigation unit receives a 307 redirect to a POST request from the
traffic service, does it really make sense to prompt the user?
Prompting the user might be dangerous because it might distract the
driver and cause him or her to crash the car.

Adam
Received on Sunday, 14 February 2010 18:09:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:16 GMT