[tor-talk] Flashproxy questions. (Badge config, user interaction)
David Fifield
david at bamsoftware.com
Sun Oct 7 15:06:22 UTC 2012
On Sun, Oct 07, 2012 at 11:08:15AM +0200, Sebastian G. <bastik.tor> wrote:
> Thank you for the detailed information.
>
> >> How can it be achieved that the badge is only active after it has been
> >> clicked?
> >
> > What this means is that the JavaScript would run, but not actually do
> > anything until clicked.
>
> My question wasn't precise enough. As far as I understand it now, a
> website owner (admin) can't choose between opt-in and opt-out, right?
>
> I assumed that
>
> iframe ="//crypto.stanford.edu/flashproxy/embed.html" width="80"
> height="15" frameborder="0" scrolling="no">
>
> will be a badge that is running on the users end (opt-out).
>
> My question was how an admin can achieve to have be opt-in? (Now I
> understand that doesn't seem possible.)
>
> Couldn't you have
> "crypto.stanford.edu/flashproxy/embed_opt_in.html"
> and
> "crypto.stanford.edu/flashproxy/embed_opt_out.html"
> to make it possible to choose between them?
This is what I am thinking. Something like
<iframe src="//crypto.stanford.edu/flashproxy/embed.html?cookierequired=true">
<iframe src="//crypto.stanford.edu/flashproxy/embed.html?cookierequired=false">
The query parameters are easier to handle from a code point of view. The
way it works now is cookierequired=false. With cookierequired=true,
clicking on the badge will bring up a yes/no dialog, and set a cookie if
yes. I think it's reasonable for the cookie to grant permission across
all web sites.
David Fifield
More information about the tor-talk
mailing list