[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

lynx-dev dev.16 patch 5 - "internal-links" text

From: Klaus Weide
Subject: lynx-dev dev.16 patch 5 - "internal-links" text
Date: Thu, 9 Dec 1999 21:54:24 -0600 (CST)

Maybe this creates some discussion...

 - The previous text was wrong, imo.
 - I continue to believe that --enable-internal-links is the right
   behavior (and use it).  I anyone is sufficiently interested, I can
   demonstrate that using lynx *without* --enable-internal-links leads
   to "inappropriate resubmission of form content".  It hasn't been
   shown that this is the case *with* it, afaik.
 - Fote has never claimed that it would "compromise a secure transaction"
   (whatever exactly that would mean) - just that it would "force
   resubmissions when it shouldn't" and that in the context of secure
   transactions [Lynx's] "caching and resubmission logic are very important".
 - For some perspective: it's rare that --enable-internal-links makes any
   difference.  I do think that "caching and resubmission logic" are
   important to get right (and I don't get the impression that other more
   recent code additions have paid much attention to this - I'm thinking
   of source_cache failure modes.)  Still, I haven't seen any example
   of a real site where an inappropriate re-submission would lead to
   harmful consequences ("secure" or not).  After all re-submission can
   happen by pilot error as well as by browser error.  A realistic site
   (where it matters) doesn't "punish" a user for pressing the wrong key
   and confirming some hard-to-understand prompt.


* Changed INSTALLATION text for --enable-internal-links.

--- 2.32/INSTALLATION Sat, 04 Dec 1999 01:44:26 -0600
+++ 2.32(w)/INSTALLATION Thu, 09 Dec 1999 19:42:11 -0600
@@ -372,10 +372,19 @@
   --enable-justify-elts                        (define EXP_JUSTIFY_ELTS)
        use experimental element-justification logic.
-  --enable-internal-links              (prevent defining 
-       Disabled by default, this option allows tracking of internal links,
-       a feature which could, however, compromise a secure transaction by
-       forcing inappropriate resubmission of form content.
+  --enable-internal-links      (prevent defining DONT_TRACK_INTERNAL_LINKS)
+       With this option, `internal links' (links within a document to a
+       location within the same document) get treated differently.  Lynx
+       can distinguish between `<A HREF="foo#frag">' and `<A HREF="#frag">',
+       for example, within a document whose URL is `foo', and may treat
+       them differently.  Practical differences appear only when the
+       containing document is the result of a POST request or has a no-cache
+       flag set.  According to the author of this feature, it does The Right
+       Thing, interprets URL-References as required by RFC xxxx, and prevents
+       inappropriate resubmissions of form content with the POST method.
+       According to a previous lynx maintainer, it does the wrong thing,
+       is unnecessary, and can cause inappropriate resubmission of form
+       content.
   --enable-kbd-layout                  (define EXP_KEYBOARD_LAYOUT)
        Disabled by default, this option allows you to use translation

reply via email to

[Prev in Thread] Current Thread [Next in Thread]