RE: Session timeouts not part of 2.2.1? from Michael Cooper on 2006-01-12 (w3c-wai-gl@w3.org from January to March 2006)

From: Michael Cooper <michaelc@watchfire.com>
Date: Thu, 12 Jan 2006 13:36:06 -0500
To: <w3c-wai-gl@w3.org>
Message-ID: <A0666B3C59F1634290FDC88674D87C3206BE6F94@1WFEMAIL.ottawa.watchfire.com>

Thanks for your thoughts. They stimulated a few things for me which I
just want to lay out in brief:

1) We definitely need to disambiguate the terms "server timeout" and
"session timeout", or decide that there is no difference and choose one
term. From context, I assumed they were intended to be one thing and
have used them interchangeably. If that is incorrect, we'll need to make
definitions.

2) I agree with what I think Ben said, which is that even if the author
doesn't have control over the server, it is legitimate to include
success criteria that impact server configuration including, in this
case, timeouts. An author desiring to conform to WCAG either has to get
control over the server, use some client-side technique to repair the
issue (e.g., a meta refresh element, or a script that pings the server
and keeps the page logged in), or find another server. 

3) I think I understand what is meant by the technique about server-side
redirect. I thought I had posted something to the list, but when I dug
for it, it turns out I only discussed it off list with a few people in
the context of an action item, and then the holidays came up and I never
ended up bringing it forward to the list. Sorry about that carelessness.
Anyway, here it is:

The other case I can think of is server-requested refresh and redirect.
The two "common failures" deal with redirects and refresh created by the
<meta> element in HTML. However, the <meta> element is defined in the
HTML spec <http://www.w3.org/TR/html401/struct/global.html#edef-META> to
provide a "virtual" HTTP header. The "header" that the HTML technique to
create refreshing pages uses is called the "Refresh" header, but
unfortunately I just discovered that this header is not defined in the
HTTP specification <ftp://ftp.isi.edu/in-notes/rfc2616.txt> and as far
as I can tell, never was. Nevertheless, I tried putting that HTTP header
into a Web server on my local machine, and sure enough, recent versions
of Firefox and IE both respected the header and refreshed the page just
as if I had defined it in HTML with a <meta> element.

Given that this is not defined in the spec, I have no idea if it's a
common enough situation for us to write techniques against. But since
the browsers support it, I have to imagine the developers anticipated it
being used. So possibly we'd want to create "HTTP" techniques about this
for the guide doc.

Michael

Received on Thursday, 12 January 2006 18:36:12 UTC