On Sat, 22 Oct 2005 00:34:28 +0300, Ian Hickson <[EMAIL PROTECTED]> wrote:
On Fri, 21 Oct 2005, ROBO Design wrote:
<...>
:-)
I agree with most of your points. In reply to specific suggestions:
<...>
You can do this already using <img> elements (in fact it's even more
effecting for DDOSing a site since it happens as soon as the user goes to
the page, not just when the user clicks a link). In practice it's not a
problem.
<...>
Redirects almost always involve multiple servers in large scale
advertising situations, apparently, hence the multiple URIs.
<...>
The suggestion for this originally came to me from Web advertisers, so
I'm
not sure this is necessarily true.
I wouldn't have expected *this* to be suggested by web advertisers. Maybe
they have some twisted ideas that I don't think of now :).
Now you just changed the meaning of 'this is very evil' (I was thinking of
'evil' for companies). Actually, it's probably evil for users :).
<...>
You can't really do that, just like today users can always just use the
URI and ignore the redirect, they could do that with href="" ping="". In
practice very few users will change that so it won't be a big deal.
True. Users who want to avoid advertisments and tracking methods just use
specialized software for this (like ad blocker, ad muncher and many more).
Yet, these are very few users.
Yet, try to keep a balance between what's good for users and what's good
for Google *cough*.
I still see it as a 'security' or privacy issue to allow ping URLs to
various third-party servers because it makes it easier for other sneaky
developers to add their own ping URLs to other server. I'm talking about
developers who will be doing UserJSs of the future, even proxy servers
with content filtering, etc. I know what you are thinking of: how many
will write UserJSs and how many witll use them? Expect in the future some
really interesting web-viruses, thanks to the advent of web applications
(not only this specification, I'm talking in general).
Writing this email I got an idea to the reason of why this would be useful
to web advertising companies. They already make use of JavaScript, Flash,
iframes, cookies and the like, so they don't care about N% of users
disabling pings, JS, cookies, etc.
Yet, they do care more about tracking your behaviour (the pages you visit,
the page you stay on the most). The ping= attribute you've been suggested
to add makes it easy and the perfect solution for doing this. You almost
said how: a very small script to parse the DOM, by searching for all links
and the advertiser can add its own ping URLs. Seems simple to me and
feasable. It's also easier than now.
They will be able to do this tracking cross-domain, very easily and
simple. Not like now, because now cross-domain tracking of user behaviour
is harder.
You are giving them too much liberty :). And ... in contradiction with
what others said: it's actually something that will be used.
As Jasper said "to restrict it to the same host/domain as the source or
the link would
pretty much make it useless for advertising networks, which often have
many servers.". Very true.
That's about all I got to say right now about this. It has some advantages
to users (easy to disable) and some other advantages to advertisers
(detailed above).
--
http://www.robodesign.ro
ROBO Design - We bring you the future
