[whatwg] <a href="" ping="">

J. Graham wrote:
> On Sat, 22 Oct 2005, Lachlan Hunt wrote:
> 
>> It could be defined in reverse, where the ping attribute (probably 
>> given a more suitable name, but I'll use ping for now) could be 
>> advisory information about the final destination and the href 
>> attribute defines the ping destination, such that following the href 
>> attribute would perform a redirect, but WA1 UAs could use the URI in 
>> the ping attribute to notify the user of the final destination (such 
>> as displaying it in the status bar).
> 
> <a href="scamsite.com" ping="ebay.com">

<a href="http://scamsite.com/">Ebay.com</a>

What's the difference?

> Sure it's not much in the face of an alert and savvy web user but 
> there's a reason channging the status bar via js can be disabled (is it 
> disabled by default?)

Sure, scams are always a risk.  It could be defined that if the location 
returned with the redirect does not match that in the ping attribute, 
that the user should be immediately notified of the deception.  For 
legitimate cases, where the href is merely a redirection to the final 
destination, the user will get there without any problems.

Also, the current draft of ping states:

| When the ping  attribute is present, user agents should clearly
| indicate to the user that following the hyperlink will also cause
| secondary requests to be sent in the background, possibly including
| listing the actual target URIs.

Perhaps the notification (whether in the status bar, tool tip or 
whatever) could state somthing like:

   ebay.com via scamsite.com

Or maybe:

   scamsite.com, redirecting to ebay.com

As long as it clearly indicates the intention in a way that also 
prevents its abuse by scammers.


-- 
Lachlan Hunt
http://lachy.id.au/

Received on Saturday, 22 October 2005 04:04:13 UTC