05-12-2005, 04:26 PM
#18
plattopus


Everyone makes mistakes, even Google. Mistakes are what beta programs are for. One mistake in the beta release of Google Web Accelerator (GWA) last week is proving to be a valuable reminder for Web developers.

Among other things, Google Web Accelerator speeds up your browsing experience by scouring pages you visit for links and quietly preloading them in the background in case you decide to click one of them. Can you spot the problem?

A misguided design trend of avoiding buttons in favour of hyperlinks in Web applications is the problem. Web applications increasingly include links that delete records, confirm actions, and take all manner of sensitive and potentially irreversible actions. And here comes GWA, ready to click them all for you automatically!

So whose fault is this? If you believe 37signals, whose just-launched Backpack application fell prey to link-happy GWA last week, it's Google's fault for not anticipating the side-effects of its link prefetching. If you believe Google, it's developers' fault for not complying with Web standards.

According to the W3C, hyperlinks and forms that use the HTTP GET method of submission should only be requests for content or information (such as a search). Actions--and especially actions for which the user will be held accountable--should always be performed using HTTP POST requests, which in most cases means clicking a submit button, not a hyperlink.

Developers who use ASP.NET, for example, need to think twice before using the deceptively simple LinkButton control, which simulates a form button using a hyperlink. Who knew the innocent hyperlink could cause so much trouble?

The trend away from buttons and towards hyperlinks in Web design is therefore a dangerous one. Before using a hyperlink, designers should ask themselves: what if this link gets clicked automatically?

Interestingly, some of the conversations that have sprung out of the GWA prefetching mess have started to look at Web application security issues like cross-site scripting (XSS) with fresh eyes. Read on for the low-down on these issues.
- From the SitePoint newsletter.

I uninstalled the Accelerator a few days after I downloaded it. I found that it gave me a hell of a lot more "server errors" than before I started using it, and it really wasn't a noticeable benefit. The above newsletter story also played a part in my decision.
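
The following is an added illustration of the newsletter's point, not part of the original post or the newsletter: a constructed in-memory simulation in which a stand-in link prefetcher issues GET for every link on a page, run against a handler that deletes on GET and one that only deletes on POST. All names (`unsafe_app`, `safe_app`, `prefetch`, the `/delete` path) and the sample records are hypothetical.

```python
import re

DELETE_ROUTE = re.compile(r"/delete\?id=(\d+)")

def make_store():
    # Constructed sample data: three records keyed by id.
    return {1: "notes", 2: "todo", 3: "draft"}

def render_index(store):
    # Hyperlink-style delete actions, the design the newsletter warns about.
    return "".join(f'<a href="/delete?id={i}">delete {name}</a>'
                   for i, name in store.items())

def unsafe_app(store, method, path):
    """Performs the delete for any request method, including GET."""
    m = DELETE_ROUTE.fullmatch(path)
    if not m:
        return 404
    store.pop(int(m.group(1)), None)
    return 200

def safe_app(store, method, path):
    """Treats GET as read-only: the delete only runs for POST."""
    m = DELETE_ROUTE.fullmatch(path)
    if not m:
        return 404
    if method != "POST":
        return 405  # Method Not Allowed; the store is left untouched
    store.pop(int(m.group(1)), None)
    return 200

def prefetch(app, store):
    """Stand-in for a link prefetcher: GET every href found on the page."""
    links = re.findall(r'href="([^"]+)"', render_index(store))
    return [app(store, "GET", link) for link in links]

def demo():
    a, b = make_store(), make_store()
    unsafe_status = prefetch(unsafe_app, a)   # every record is deleted
    safe_status = prefetch(safe_app, b)       # every request is refused
    posted = safe_app(b, "POST", "/delete?id=2")  # explicit form submission
    return a, unsafe_status, b, safe_status, posted

if __name__ == "__main__":
    print(demo())
```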