Re: treating invalid parameters in Content-Disposition

On Sun, Oct 3, 2010 at 1:43 PM, Eric J. Bowman <eric@bisonsystems.net> wrote:
> Adam Barth wrote:
>> 1) The browser does the wrong thing on 1% of all page views.  That
>> means users will be seeing the browser do wrong things on a daily, or
>> at least weekly, basis (based on statistics about the distribution of
>> number of page views).  That more than enough to drive potential
>> customers away.
>
> That's where you and I are going to have serious disagreements on the
> nature of _networked_ software architecture.  The Web isn't a closed
> system.  Errors need to be reported to users, or rather, developers.
> Once the producer of content sees an error instead of a result, the
> error may be fixed.  Your perspective is what leads to total site
> failure to avoid reporting a 500 error to the user, i.e. Facebook
> DDoS'ing itself the other day.  That's "correct" behavior?  I'd rather
> my website visitors see error messages (or rather, that I see them and
> correct them first) than break how the Web achieves interoperability at
> Internet scale (by allowing errors to happen, primarily 404).
>
> The concern about driving customers away is an *opinion* and not a fact,
> and even if true, the consequences of silent recovery in browsers lead
> to the much larger problem of gaping security/stability holes.  Willful
> violations of Web architecture can't be called secure in the name of
> user convenience, nor are errors resulting from not following standards
> to be considered "bad behavior" or the "wrong thing" -- they're critical
> to the nature of _networked_ software architecture on the open Internet.
> Browser vendors' desire to hide errors leads to a more fragile Web, i.e.
> the opposite of the robustness principle.

People have been making that argument for years, and still the popular
user agent implementor follow their incentives to maximize
compatibility.  Presumably the ones that listened to this advice
failed to become popular.  You're not going to change their behavior
without changing the incentives.

> You can't tell me that you've thought of and accounted for every
> possible consequence of abandoning standard MIME syntax for C-D in
> favor of allowing %-encoding.  Whereas I'm quite comfortable with the
> notion that any interoperability issues with conformant syntax lurking
> out there would've been found by now.  It defies logic to claim that
> it's easier for a new entrant to the browser market to implement
> different parsers for different headers instead of following MIME
> syntax defined for *all* headers.

... and yet that's exactly what the newest successful entrant into the
market has done.  I encourage you to bring a browser to market that
behaves as you suggest.  I suspect you'll have great difficulty
acquiring users if the folks who try your browser experience an
incompatible web site every day or if they can't use NewEgg.

Adam

Received on Sunday, 3 October 2010 20:57:19 UTC