- From: Ian Hickson <ian@hixie.ch>
- Date: Wed, 7 Nov 2007 22:08:17 +0000 (UTC)
- To: Adam van den Hoven <adam.vandenhoven@gmail.com>, Mark Baker <distobj@acm.org>
- Cc: HTML WG List <public-html@w3.org>
On Wed, 7 Nov 2007, Adam van den Hoven wrote: > > Perhaps its worth looking at it from a different point of view. > > This attribute [...snip REST explanation...] > Because we are creating a new instance, a POST is the correct method to use. I agree with your reasoning. > I used something of a RESTful way of speaking intentionally but the > reasoning applies regardless. When a request is made of the ping URI, it > is reasonable to say that it is creating a "new link audit event" > regardless of how its implemented. Creating a new resource is always a > POST. Otherwise, it would perhaps be beneficial to define a new HTTP > method to better identify these sorts of requests and their meaning. > From what I read (http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html) > it is allowed. I would suggest that AUDIT or PING would be natural (if > not the best) choices. I agree that a new method would be better. I'm not sure it is a feasible solution, though, given the high cost (in terms of spec development and server development and deployment) of a new method. We can't just invent a new method; not withstanding that we'd get quickly stoned, we'd also not soon be able to implement it server side (e.g. in Apache). > I think that the feature, however, does not do enough to be sufficiently > useful that it will supplant the existing javascript tracking. > Specifically, knowing which link on which page may not be sufficient. It > is a reasonable usecase to want to use a single PING URI for multiple > destination URLs. For example, I may have a marketing campaign that I > care about and I want to track user's interaction with the "Call To > Action" link for that campaign. However the actual URL used for that > link may change if the user is logged in. It is reasonable to want to > know not only how many people clicked the call to action but also where > they went. If the request included the destination URL, say in a header > similar to REFERRER that can be disabled. You can presumably include that information in the URI itself, e.g. in query parameters, if you desire. I imagine in many cases there will be a desire to include much information in these links, e.g. when the referring page was generated. ping="" doesn't remove all need for scripting for tracking pings. > I'm also not clear on why only link tracking is singled out this way. I > can think of two additional types of audit events that are "hidden" by > JavaScript: page views and form abandonment. It seems to me that if its > beneficial to expose link traversal tracking to users is beneficial, > then it must also be beneficial for page view and form abandonment. We're just trying to hit the 80% case, which is pings. If that works well, then in a future version we may address the less important cases, but they are not as critical. (It's also not clear that the privacy concerns are as great for the two examples you give -- there's a privacy concern, sure, but it's not the same level of concern as with link tracking). On Wed, 7 Nov 2007, Mark Baker wrote: > > > > > > Since we're looking for common ground, as I mentioned before, I > > > agree that a pinged server will probably behave non-idempotently. > > > But that's orthogonal to the meaning of the message it receives. > > > > How so? The message is "A link was clicked". This is fundamentally a > > non-idempotent message: multiple link clicks are not the same as a > > single link click. > > It's my turn to ask "How so?". Consider a site attempting to determine which links are the most useful on their site. If someone has a page open, and opens a secondary page linked to from that first page, into a new tab, and then does this again several times, each click is a new event to track. It's not the same event. Similarly, if someone repeatedly does a search and selects the same result, each time they select that result is a new event, even if they reached the search results page by getting it out of the cache. Or, as a third example, if the link is actually a javascript: link or some such (which may be a bad idea, but is common) then you can easily see one link getting clicked multiple times, each of which is a new event. > As I see it, the message is "turn this URI into some data please", which > is safe and idempotent (by definition: all safe messages are > idempotent). No; in fact there is no data returned at all by pings -- it's a one-way client-to-server communication. It's "record this data", not "turn this data into" something. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 7 November 2007 22:08:35 UTC