Re: Static? Dynamic?

On Wed, 30 Jun 1999, Dan Connolly wrote:
:->> You are absolutely correct - such usage would be antisocial. Of
:->> course, you can create a link that does that *RIGHT NOW*.
:->No, you can't. That is: you can implement that behaviour,
:->but it's not consistent with the HTTP 1.1 spec nor
:->with the expectation of lots of deployed software
:->and wetware (i.e. info in users' heads).

Given that following standards on the web seems to be the route less
travelled, I'm going to argue that the wetware deployment is
minimal. That it's not consistent with the HTTP/1.1 spec is irrelevant
- it can be done if you really want to do it. There are so many tools
for those who want to be antisocial, I don't see how providing a way
to make one of them legit can be considered a sin. In particular, if
there is a good use for some such facility, then withholding it
because it means that one antisocial behavior now follows spec seems
pretty pointless.

:->> What you
:->> can't do is tell the browser that this link isn't safe.
:->Fine by me. And you agreed that it's antisocial. Why
:->should we facilitate antisocial behaviour by making
:->HTML syntax for it? especially when we have HTML syntax
:->(<form method=POST>) that denotes actions like deleting
:->bank accounts... syntax that's widely deployed in a way
:->that's consistent with user expecatations.

While the syntax is widely deployed, I disagree with the "user
expectations" part of your statement. Web sites that modify shopping
carts based on simple links abound - in fact, they seem to be the rule
rather than the exception. Those that do use buttons in a POST form
tend to have a graphic that simple says "let me buy this".  The user
has no way of telling whether it's an IMG wrapped in an A, or a INPUT
TYPE=image inside a form, and in practice it doesn't seem to matter.

Actually, I could just take that out if I were willing to use images
instead of text. But I'd rather provide something that's going to be
readable for all users (not to mention loading faster) - without
presenting them with a list of commands wrapped in silly-looking,
space-eating transparent buttons or forcing them to take extra
keystrokes for every command.

So the reason for doing this is the same reason that we facilitate
antisocial behavior by providing web servers and browsers in the first
place - because it allows us to do things that are useful. You can use
these tools - with or without following the spec - to do anitsocial
things like delete an account. For instance, if pushing the submit
button in:

	<FORM METHOD="POST">
	<INPUT TYPE=SUBMIT VALUE="Goto"> page <INPUT NAME="pageno">
	</FORM>

deletes your bank account, then it follows spec. Does that make it any
less antisocial than deleting a bank account when someone follows:

	<A HREF="next_page.cgi">Next</A>?

Nuts, these days you don't even need someone to click on a
link. JavaScript lets you attach actions to the mouse moving over the
link, so you can ask it to the work for you:

	<A HREF="http://www.w3.org/"
		OnMouseOver="window.location='http://www.phone.net/'>Next
	</a>

For those of you with a mail read that mapped that to HTML & did the
JavaScript - sorry, but now you know what you're letting yourself in
for.

That seems to have turned into a bit of a diatribe. On the other hand
- I think it needs it.

	<mike

Received on Wednesday, 30 June 1999 04:49:59 UTC