- From: Ian Hickson <ian@hixie.ch>
- Date: Tue, 25 Oct 2005 20:47:47 +0000 (UTC)
On Tue, 25 Oct 2005, Christian Schmidt wrote: > Ian Hickson wrote: > > > > The problem at the moment is that the redirect mechanism obscures the > > eventual target URI. > > One backwards-compatible way (that doesn't require scripting) to solve > this problem would be to add a new attribute that specifies the eventual > target URI: > > <a > href="http://tracker.example.com/?id=1&url=http://dest.example.com/foo.html > target-href="http://dest.example.com/foo.html"> > > This would allow the UA to display both (or perhaps the target href > followed by the hostname of the direct href). > > To prevent spoofing, the UA should display an error if the actual target > URI was not the one specified. That's an interesting idea. One problem (a blocker problem IMHO) is that it doesn't really allow for moving to a world where, once HTML5 is widely supported, the redirect pages can stop redirecting, and just log and return nothing. It's not as clean as href="" ping="". > Problems compared with the initial suggestion: > - The tracking CGI script should support redirection even for > WA1-supporting UA's. This is hardly a problem, though (it's one line of > code in most languages). And once HTML5 is widely enough supported, they can stop doing it without breaking the legacy UAs (e.g. lynx or IE6) that don't support ping="". > - The target URI in the href attribute should be URL-encoded. Some people > don't know how to do that. It gets even more confusing if several tracking > servers are visited before the final URI is reached. That's the case with any system. > - The server hosting the tracking CGI script should be alive. Again, same with any system. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Tuesday, 25 October 2005 13:47:47 UTC