On Tue, 2009-08-18 at 11:48 +1000, Tango Research wrote: > Some of you have expressed concerns about the tango survey > (relationship between one’s cultural identity and the values they see > in tango). > > This survey derived from questions which arose from my experience with > tango dancers in various countries, on different continents. Although > this is a study born out of my personal interest, as an experienced > researcher (I have a MA and a PhD, and one of my research interest > lies in the field of psycholinguistics), I have gone through all the > expected protocols for this study, starting with literature review. I > have decided on the methodology (methods of investigation, procedure, > and analyses) after due consideration. > > The survey is an initial, exploratory study to determine whether the > results are sufficiently promising to pursue a more intensive study. > If the results of the survey are promising (I am happy to share the > results with anyone who wishes to see them), I may consider doing this > study as a university project, in which case I have to obtain an > official ethics clearance, for example, to conduct email interviews > (as mentioned at the end of the survey). > > I chose to be anonymous and used non-personal email to communicate, > mainly because my personal email would reveal my occupation and > institution, leading people to presume that this survey was one of the > university research projects, which it is not. > > For reasons stated above, it would be inappropriate to host the survey > on the servers at work. Public servers did not provide the necessary > database facilities, so the bulk of the survey code is being hosted by > a friend. Traffic diversion is not an aim. > > One participant (well, in the end, non-participant) expressed security > concerns. The only aspect of the survey mechanism that may have > triggered the reported security alert is that the survey mechanism > uses a "cookie" to control the survey session.
No, the problem is a Javascript issue. I don't block cookies. But I do not allow any Javascript to run that is not from whitelisted site (using the NoScript Firefox extension, http://noscript.net/). This is a very useful security tool which acts to stop cross-site scripting attacks. Unfortunately, although there is clearly Javascript being attempted, it is not announcing itself properly, so I don't get a domain name I can whitelist. It would seem likely that your survey forms are mimicking a cross-site scripting attack, by linking to Javascript code being stored on a different website. If you tell me what that website is, I can white-list it, and run the survey. Myk, in Canberra _______________________________________________ Tango-L mailing list [email protected] http://mailman.mit.edu/mailman/listinfo/tango-l
