lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev lynx and monster.com


From: David Woolley
Subject: Re: lynx-dev lynx and monster.com
Date: Mon, 19 Jul 1999 08:35:26 +0100 (BST)

> send it, then the job won't be displayed. You can go to the url
> http://my.monster.com/vars.asp to see if the browser sends HTTP_REFERER.
> If not try updating the browser to the newer release.

Actually, for Lynx, downdating by a large amount is likely to make it
work!  Lynx has always understood referer, the problem is that it
can represent an invasion of privacy when dealing with a commercial
site.  One of things that recent Lynx's will not do is to send
URLs with form parameters; they may include sensitive data like 
passwords, and this is probably what is upsetting the site.

I believe the most recent versions will now send such URLs, but
will strip the form parameters.  If they are using Referer for the
stated purpose and not for click trailing, or to define sessions, as
well, it might be sufficient to enable this feature (I don't have that
version here, so can't check the details).  If they need an exact
match, you may be able to argue that they should not check the parameters,
but supporting Lynx is usually difficult to justify as a business case.

Note that Lynx is being non-compliant in sending truncated Referers;
I'm not sure at the momemnt whether suppressing Referer is now allowed
by the HTTP specification, but I think what would be allowed would be
complete suppression.  Incidentally, I believe Referer can be suppressed
in the big 2 (but only as an advanced option) and many people run
proxies configured to delete it, or replace it by a dummy value.

You might be able to argue a case based on non-Lynx users suppressing
Referer for privacy reasons (they probably have just hear of them as
a solution to their particular problem), however, I think they would
tell big 2 users to re-enable when accessing their site, and proxy users
to go direct or use a different proxy.  I think the one thing that would
change their minds is if a large number of companies started suppressing
Referer on their firewall proxies, as probably a lot of job searches are
done on current employer's time.  However, most people these days plug
and play proxies, so wouldn't be aware of Referer.
> 
> I suggested as an alternative that a copyright statement be included on 
> each individual job page, but maybe that was too easy? 

Copyright law hasn't really caught up here.  The only thing that the
real offender is copying is the URL, and it is arguable that URLs
cannot be copyrighted (but see an lawyers specialising in IPRs!).
You could copyright the actual page, but the end user will
have already breached the copyright before they are able to read
it, and the licence terms on the page would be ugly.  I suppose there
might be a case of incitement to breach the copyright, but this would
probably be an expensive test case, and there may well be no applicable
law.  (Litigation against lots of small offenders is expensive and
can cause bad publicity.)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]