lynx-dev
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev Problem with META HTTP-EQUIV="refresh". Is it a bug?


From: Gennady Stupakov
Subject: Re: lynx-dev Problem with META HTTP-EQUIV="refresh". Is it a bug?
Date: Tue, 20 Mar 2001 15:42:47 -0800 (Pacific Standard Time)

Looking again at the page returned by the server, (I use the
lynx -useragent='Mozilla/4.5 [en] (WinNT; I)' command to pretend
to be a 'legitimite' browser), I found out that the problem is
actually that the form with ID and password is sent back after a
processing in a javascript.
Apparently lynx does not have a capability to do javascript.
Does it mean that there is no way that I can get through this login
page with lynx?

Gennady.


On Tue, 20 Mar 2001, David Woolley wrote:

> >
> > ************************************
> > I want to use lynx to get to the Bank of America web site:
> > https://money.bankamerica.com/cgi-bin/SingleSignonServlet
> >
> > The html document returned from the server has a form for input of
> > user ID and a password. But it also has a refresh command
>
> This is yet another new way of breaking a site with Javascript.
> Javascript is the real problem here.
>
> > in it: <META HTTP-EQUIV="refresh"
> > CONTENT="0;URL='/help/un-supported_browser.html">
>
> Using Refresh to achieve a redirect, in particular using it with a timeout
> of zero is given a SHOULD NOT status in the HTML 4.01 standard.  Refresh is
> not specified by any IETF or W3C specification (notwithstanding the
> warning not to abuse it in the HTML specification).  It is a Netscapism.
>
> Using a non-absolute URL violates Netscape's specification for this
> feature.
>
> Lynx takes the view that the user should be allowed to read things at
> their own pace, so treats it as a pseudo-link.
>
> > If I use IE, I type in the user ID and password, click the submit button
> > and get to the next page. In lynx, clicking the submit button brings me
> > to the highlighted link of the refresh URL only. I checked with the
>
> This is a double fault condition; Lynx doesn't support Javascript but
> also doesn't handle Refresh the way they expect.  If you access this
> page on IE 5.01, they way I have it configured, it goes a page telling
> you to upgrade to at least IE 4.01 (or various Netscape versions)!
> That's because they haven't considered that security conscious people
> might not permit JavaScript to run even on recent browsers.
>
> They also haven't considered that even early GUI browsers might not
> act on the "redirect".  As a result, browsers that are able to support
> the page may actually generate a "please upgrade" and browsers that cannot
> support the site may display the form!
>
> I haven't looked at the code in detail, but I suspect that Javascript
> with a suitably powerful object model is used to abort the refresh
> on browsers that support it, and the refresh is used to to try to
> dump all other users into the "please upgrade" page.
>
> I presume that the submit button doesn't work without Javascript.
> One common trick with links and image links is to have href="#"
> and do the real work with onclick.  Maybe the button isn't really
> a button but an image link (although the page took an annoying
> time to load before redirecting, it redirected as soon as it was
> fully formed, so I didn't get a good look).
>
> > What is wrong here? Is it a bug, or I am doing something wrong?
> > I use the latest version dev19 compiled for cygwin.
>
> You are making the mistake of assuming that commerce cares about
> accessibility or anything other than the latest versions of the big 2,
> configured as out of the box.
>
> ; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden
>


; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]