- From: Lachlan Hunt <lachlan.hunt@iinet.net.au>
- Date: Wed, 19 May 2004 18:03:10 +1000
- To: Brian Sexton <discussion-w3c@ididnotoptin.com>
- Cc: www-style <www-style@w3.org>
Brian Sexton wrote: > Greetings. > > >>The 'target-name' property >> Except for 'current', the other properties may cause unexpected >>actions such as opening a new window/tab and replacing a frameset. >>Therefore, I think it should be stated that the UA SHOULD/MUST make the >> action known to the user, through a UA specific means, prior to >>activation. > > I do not agree that user agents should or must provide notifications for > target-name property values other than "current"; such notifications could > be very disruptive in innocuous page designs. <snip/> > If a > confirmation window pops up each time the user clicks on a root link, such a > usable arrangement would become tedious. When I wrote that way back in February [1], I did not intend for it to be interpreted as: /show obtrusive and annoying confirmation messages every time a user clicks the link/. What I meant was that there should be some kind of indication made *prior to activation*. I was thinking along the lines of a status bar message/icon or something that the user can glance at before clicking, but I didn't want to go into implementation details since all UAs are different, which is why I said “UA specific means”. This indication would then allow the user to override this option through some other UA specific means, such as middle-clicking, shift+clicking, selecting from a context menu or some other method to open the link however the user wanted. > And what if a Web developer wants to target all local links at the root of > the document hierarchy to escape framesets from other domains? Good point, but I think this really should be the user's choice whether they want to stay within or break out of framesets, however the most popular UA doesn't really make this easy for the /average/ user. Mozilla does via a context menu, but unfortunately most people use IE (but that's their problem anyway). > I am not a security expert, but here is an example of a user agent option to > prevent security issues that may arise from link targets (such as spoofing > other Web sites): <snip>sample user options for setting notifications about link targets</snip> Of course, UAs should usually always provide options about the notifications that should be given, and how they should be given, but I think the exact implementation details should be left up to the software vendors. [1] http://lists.w3.org/Archives/Public/www-style/2004Feb/0501.html -- Lachlan Hunt http://www.lachy.id.au/ lachlan.hunt@lachy.id.au
Received on Wednesday, 19 May 2004 04:03:31 UTC