- From: Harry Halpin <hhalpin@ibiblio.org>
- Date: Mon, 17 Oct 2005 17:01:02 +0100
- Cc: www-tag@w3.org
As for the original case Henry commented upon...
I know it's an edge case, but there are occassions when one *wants* one
any user to access
URIs by using the ".../..." directory changing procedure to access
possible URIs.
For example, on my website www.semanticstories.org/corpus, I post
various the entire directory
structure of a project straight from my unix box to to the Web, and
*fully* expect
visitors to navigate around using the ../... methodology. I guess I
could have automatically
generated a HTML file via perl listing all the files and
directories...but why bother? Any user can use
their common-sense to navigate around the site via just deleting the
last bit of the URI and moving
"up a directory".
I think the Web community would generally support a TAG statement on
this issue, as it seems to
be setting a truly disturbing legal precedent that directly conflicts
with the principles of Web architecture.
-harry
-----------------
Harry Halpin
www.ibiblio.org/hhalpin
Uni. of Edinburgh
Norman Walsh wrote:
>/ Dan Connolly <connolly@w3.org> was heard to say:
>| On Thu, 2005-10-13 at 11:40 +0100, Henry S. Thompson wrote:
>[...]
>|> The issue for the TAG is surely that exploratory modifications of URIs
>|> are in a sense _invited_ by their very nature, and thus should never be
>|> describable as unauthorized -- by publishing
>|> http://www.example.com/a/b/c, I implicitly publish all
>|> path-transformed versions of that URL, don't I?
>|
>| No, I don't think so.
>
>I do. And I'll go a step further, I think running an HTTP server
>explicitly grants the public permission to attempt to GET any and
>every URI that could possibly exist.
>
>| But look at your server logs, and you'll find tons of bots trying
>| to exploit well-known server bugs. That's clearly anti-social
>| behaviour, and I'm somewhat sympathetic to efforts to outlaw it.
>
>I'm not[*]. As Tyler Close suggests later in this thread, it appears
>that, in the UK at least, following links on this page
>
> http://lists.w3.org/Archives/Public/www-tag/2005Oct/0020.html
>
>exposes you to risk of criminal prosecution.
>
>It is no longer safe (in a very literal sense) to surf the web in
>the UK.
>
>|> Danny, Rigo, is there a point here the W3C or the TAG should try to
>|> address?
>
>We commented on deep linking, I think we should surely comment on
>this.
>
> Be seeing you,
> norm
>
>[*] I might be, if legislation was formulated in such a way that it
>was only going to net the antisocial creeps, but there's nothing
>antisocial about attempting a GET on a URI and getting a 404.
>
>
Received on Monday, 17 October 2005 16:01:33 UTC