- From: Ian Hickson <ian@hixie.ch>
- Date: Fri, 21 Oct 2005 21:38:05 +0000 (UTC)
On Fri, 21 Oct 2005, James Graham wrote: > > > > Now, because of number 4 above, I'm guessing this is going to be > > controversial, which is why I'm calling this out explicitly (as > > opposed to waiting til I've filled in all the TBW sections and then > > just asking for a general review, since people might miss it if I did > > that). > > > > Thoughts? > > I'm not sure I see the point. There's no way anyone doing anything > remotely evil is ever going to use a mechanism that can be easily > disabled or one that doesn't work in some UAs. There are plenty of ways > of tracking usage data without using the above pattern. Can you list some? Other than redirects, I couldn't actually think of any reliable ones. XMLHttpRequests dispatched in tandem with the original request are unreliable since you can't guarentee which order the requests are sent in (and thus some clicks might get lost). What else is there? > I can't think of a sensible way of presenting the option to turn off > pinging in the browser UI (at least not one that is accurate. "Prevent > sites from contacting other locations when I click a link" is the best I > can manage and it's wildly wrong since there are so many other ways a > site could do this). The same checkbox that affects whether Referer: headers are sent could trigger this. The label would be something like: [ ] Disable user tracking (increased privacy, some sites may not work). -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Friday, 21 October 2005 14:38:05 UTC