Matthew Toseland <mtoseland at blueyonder.co.uk> writes: > I'd prefer for it to start immediately as HTML, in case any browser only > treats text as HTML if it sees HTML in the first n lines or n chars.
Fair enough. > Yup. There are some interfaces issues; I am planning to add a > "Protecting your anonymity" link/servlet to the nodeinfo/fproxy home > page, which includes this sort of thing. Another problem is how do we > get users already using freenet to test their browsers; and for this > reason, keeping a blacklist of bad browsers separately has to be a good > idea. It's certainly easier to check the browser id as it's sent with every request. On the other hand, you'll have to keep a registry of buggy browsers, some browsers may report false information, etc. etc. Checking for the bug(s) directly, is less error prone. But that may mean that everybody has to be routed through an "testing ... 1 ... 2 ... " page the first time they use this fproxy instance. Ugly. > If people want to disable the warning completely, they can go hack the > source. Nope. They will simply turn off the anonymity filter wholesale, i.e. have even less protection. > > As a final thought, couldn't we just work around deficiencies like > > that? What happens if you send "text/x-really-plain" instead? > Nope. Not really. What about prepending <html><body><pre> and replacing <, >, & with their respective HTML entities? -- Robbe -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.ng Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20020907/e913589e/attachment.pgp>
