[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
lynx-dev dev.16 patch 5 - "internal-links" text
From: |
Klaus Weide |
Subject: |
lynx-dev dev.16 patch 5 - "internal-links" text |
Date: |
Thu, 9 Dec 1999 21:54:24 -0600 (CST) |
Maybe this creates some discussion...
- The previous text was wrong, imo.
- I continue to believe that --enable-internal-links is the right
behavior (and use it). I anyone is sufficiently interested, I can
demonstrate that using lynx *without* --enable-internal-links leads
to "inappropriate resubmission of form content". It hasn't been
shown that this is the case *with* it, afaik.
- Fote has never claimed that it would "compromise a secure transaction"
(whatever exactly that would mean) - just that it would "force
resubmissions when it shouldn't" and that in the context of secure
transactions [Lynx's] "caching and resubmission logic are very important".
- For some perspective: it's rare that --enable-internal-links makes any
difference. I do think that "caching and resubmission logic" are
important to get right (and I don't get the impression that other more
recent code additions have paid much attention to this - I'm thinking
of source_cache failure modes.) Still, I haven't seen any example
of a real site where an inappropriate re-submission would lead to
harmful consequences ("secure" or not). After all re-submission can
happen by pilot error as well as by browser error. A realistic site
(where it matters) doesn't "punish" a user for pressing the wrong key
and confirming some hard-to-understand prompt.
Klaus
* Changed INSTALLATION text for --enable-internal-links.
Index: 2.32/INSTALLATION
--- 2.32/INSTALLATION Sat, 04 Dec 1999 01:44:26 -0600
+++ 2.32(w)/INSTALLATION Thu, 09 Dec 1999 19:42:11 -0600
@@ -372,10 +372,19 @@
--enable-justify-elts (define EXP_JUSTIFY_ELTS)
use experimental element-justification logic.
- --enable-internal-links (prevent defining
DONT_TRACK_INTERNAL_LINKS)
- Disabled by default, this option allows tracking of internal links,
- a feature which could, however, compromise a secure transaction by
- forcing inappropriate resubmission of form content.
+ --enable-internal-links (prevent defining DONT_TRACK_INTERNAL_LINKS)
+ With this option, `internal links' (links within a document to a
+ location within the same document) get treated differently. Lynx
+ can distinguish between `<A HREF="foo#frag">' and `<A HREF="#frag">',
+ for example, within a document whose URL is `foo', and may treat
+ them differently. Practical differences appear only when the
+ containing document is the result of a POST request or has a no-cache
+ flag set. According to the author of this feature, it does The Right
+ Thing, interprets URL-References as required by RFC xxxx, and prevents
+ inappropriate resubmissions of form content with the POST method.
+ According to a previous lynx maintainer, it does the wrong thing,
+ is unnecessary, and can cause inappropriate resubmission of form
+ content.
--enable-kbd-layout (define EXP_KEYBOARD_LAYOUT)
Disabled by default, this option allows you to use translation
- lynx-dev dev.16 patch 5 - "internal-links" text,
Klaus Weide <=