Doug Otis wrote:
On Apr 16, 2009, at 11:05 PM, Hector Santos wrote:
If you use FF, I recommend using the NoScript plugin to protect yourself.
Agreed. Unfortunately, even our portal requires third-party cookies
used by a news feed. :^(
Whats amazing and humbling experience to see the tide with the current
generation of development lacking a regard for backward compatibility.
<optional type="personal note">
Maybe because the current generation don't have the insight to design
for backward compatibility - they know what they know now. In other
words, a portal designed for normal HTML is no longer important. For
our web portal, designed in 1996, we intentionally avoid UI designs
that required cookies and javascript - pure HTML. It was only in
2004/5 when we updated the web portal to OPTIONALLY support
javascript, cookie-based authentication. IOW, it didn't break down if
the user has javascript and/or cookies disabled.
IMO, that sorta of design is now lacking. Increasingly, I'm seeing
more web sites totally breakdown with the better ones throwing up a
browser requirements page. In a way, thats good for us. Do the same
thing and reduce the complexity of the backward compatibility web UI.
What bothers me though is that much of whats going on is being done by
14-18 years old who IMO lack experience in social engineering and
ethical design considerations. To them the idea of COOKIES and
JAVASCRIPT being disabled is unthinkable.
I have to give credit to gmail.com for their web-based UI. Here they
designed it for both javascript and non-javascript operations. In
fact, if you don't like the silly ads in the GMAIL.COM mail display,
turn off Javascript and switch the HTML mode.
</optional>
Keeping this somewhat related to DKIM <g> I can see how
Cookies/Javascript can be used for web based MUAs.
For example, we can have a AJAX based MAIL API where a message display
can be done by our backend:
From: doug
To: hector
Status: Signed by DKIM
The display includes javascript that to show an ajax-based DKIM status
information request:
Status: <div onCLick="ajaxDkimStatus();">Signed By DKIM</div>
Clicking it does a background Ajax call, and displays a overlapping
popup <div id="dkimStatus_Result"><div> window. It might use a cookie
to store the current message id for reference.
If the user has cookies/javascript disabled, this breaks down. Does
not provide me the incentive to do this. For the new generation, they
won't think twice. :-)
--
Sincerely
Hector Santos
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html