> I find you insistence that in no normal circumstances could massl have > a point (which is how I understand your replies to this thread) - a > bit weird.
Firstly, I certainly did not intend to say massl could not have a point under any circumstance. So apologies if I came across as dismissive in any way. > have you never clicked on a link in a forum/email/whatever > and got part of the message appended to the url? here, try this one > E.g. > > The book's full of useful info, it's all > herehttp://book.cakephp.org/view/875/x1-3-Collection/andguess what my > space bar's a bit dicky. I joined the discussion as I believed that Google would only pick up on and score down a duplicate content link if one of its robots found such a physical link. Up until looking at the above example I could not think of a situation where someone would accidentally add a trailing slash and extra words to the end of a link. But I can see how that is entirely possible in the context of forums etc. and forget that browsers/people can add trailing slashes to links (I'm not in the habit of doing so myself, but should stop thinking people all use the web the way I do). > I find your opinion in this thread and massive overreaction to my > example (seek out? I typed your nick in google and appended example > texts to the first hit) contradictory/hypocritical. The main reason > for using your own site was: > > 1) to demonstrate it's easily possible (out of curiosity why isn't > your site using the stock pages controller?) > 2) to demonstrate that you and google aren't the people with the > 'control' to make the problem arise - which to me is the most > important reason to consider defending against it. To reply to a thread raising the issue of duplicate content and then to see the next reply displaying links to my site, which created this exact problem, made your reply seem very personal. I firmly believe others would have been surprised to see their websites used as an example too. Why didn't you reply to John Anderson or MilesJ in the same manner? I know the answer to this is probably that I was the last person to post when you replied, but John had taken a very similar line to me that if the link did not exist in your site then Google would not index it and Miles had questioned the depth of the problem too! My initial reaction was a polite request for you to remove those links, your response was a mocking no. By this point I was more focused on the personal aspect of your replies than whatever point you were attempting to make by posting the links in the first place. 1) Your demonstration, at the time, only proved that if you were deliberately trying to type a link wrong you could and that Cake would accept it, but I had not said no-one could type erroneous links, just that people are likely to copy and paste them. However I can now see how typo's could occur and that someone could mount a malicious attack against a site and that you should cover such eventualities 1a) I modified the pages controller to work in a CMS type manner, I am guessing I have removed something that would help in this situation? 2) Yip, typos happen and malicious attacks are malicious and untraceable to mere mortals. My moral compass was overriding reality when I mentioned reporting people. > I'm sorry you feel you've been wronged it was just an example to > clearly demonstrate the opposite of your message. Given you emailed me > offlist (contrary to popular belief I don't sleep plugged into the > internet) I see you really do feel strongly about it - Yip, I did feel wronged as you picked on me alone when others has made the same/similar points and to create examples of the problem being discussed using my website can only be taken as directed towards me individually, which has to be the definition of personal. > which further > confuses me as to why you insist massl's thread is to address a > problem that doesn't exist (despite him requesting that whether it > exists not be discussed) I was wrong to say "I do no (sic) see how this is a problem", but I was not the only one to say that. massls request for the discussion to not go in this direction was missed being at the bottom of his second post. I picked up on this later and have apologised, but our online differences aside (a side effect of non verbal communication), I do feel as though it's been a useful discussion to have. I am here to learn and I'm therefore happy to be corrected by anyone. > However, to bring things back to the original point - IMO defending > against malicious users isn't the main reason you'd consider the (same > content - different url) problem. > > Here's some example urls that an app can easily generate, one way or > another, and they'll all contain the same content: > > 1) You define some vanity/i18n routes, consider an action in a plugin > controller:http://example.com/action/http://example.com/plugin/action/*http://example.com/plugin/plugin/action/http://example.com/plugin/plugin/action/something<- > massl's concern > > 2) You use > paginationhttp://example.com/controller/http://example.com/controller/index/http://example.com/controller/index/sort:id/http://example.com/controller/index/sort:created/http://example.com/controller/index/page:1/http://example.com/controller/index/page:1/sort:asc/http://example.com/controller/index/sort:asc/page:1/ > etc. Clear exampled of duplicate urls, especially the pagination ones which must exist in a lot of people's Cake apps > > If you insist that it's impossible for someone to maliciously or > accidentally append something to a url which your code will ignore - > you should at least consider how your own code is generating links. > It's possible with some forethought to forgo the entire problem - by > using a canonical metatag as lucca suggested and/or by using a > component to apply some intelligent 301 redirect logic for you. You're twisting my words as I never insisted it was impossible for malicious action to result in this. My views were: "... neither you or a search engine would add extra unneeded parameters to a link ..." TRUE "... anyone linking to your pages is just going to copy/paste an URL ..." in most cases will be true, but now understand that a link could have a trailing slash and a dicky space bar could result in a lengthened url > * with latest 1.3 it doesn't automatically do/understand this any more Good news, finishing my current app development before I then migrate to 1.3 ... looking forward to it. Paul. P.S. Thanks for removing the links :o) Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
