K-Squared Ramblings

Blocking IE6: You, Me and…PayPal?

On Thursday I stumbled across a campaign to Trash All IE Hacks. The idea is that people only stay on the ancient, buggy, feature-lacking, PITA web browser, Internet Explorer 6, because we web developers coddle them. We make the extra effort to work around those bugs, so they can actually use the sites without upgrading.

Well, yeah. That’s our job.

And a bunch of random websites blocking IE6 aren’t going to convince people to change. If I were to block IE6, or only allow Firefox, or only allow Opera, I’d have to have seriously compelling content to get people to switch. Mostly, people would get annoyed and move on. Who’s going to install a new browser just so they can read the history of the Flash? Or choose an ISP? Or buy a product that they can get from another site?

Slapping the User in the Face

It’s so easy for someone to walk away from your site. One of the tenets of good web design is to make the user jump through as few hoops as possible to accomplish whatever you want him/her to do. Every hoop you add is an obstacle. Too many obstacles, and they’ll just go somewhere else more convenient.

Back when I was following Spread Firefox, every once in a while someone would suggest blocking IE. Every time, people like me would shoot it down. Read the rest of this entry »

Foolish Links

IE9 to include alternative CSS.2012 standard instead of following anything remotely like the rest of the world.

Social tagging initiative from WaSP to physically tag bad web designers.

Opera hits 106/100 on Acid3 after discovering an Easter egg in the test.

The openSUSE mailing list announced OpenSUSE 4.1, with KDE 4.1, GNOME 4.1, MP41 support, OpenOffice 4.1, XEN 4.1, VirtualBox 4.1, and a 4-in-1 CD install.

Added: The Electronic Frontier Foundation has sent out a newsletter detailing its findings on a Congressional Listening program (apparently they monitor citizens for their opinions—who knew?), plans to move the EFF offices to an armored zeppelin, an NSA-sponsored social networking site (to “allow ordinary Americans to instantly share their private data with the government”), and Homeland Security’s conclusion that Wikipedia is a “Larger Threat Than Terrorism, Dixie Chicks Combined.” Sadly, the newsletter does not appear to be archived on the website.

Added: Virgle, a Virgin/Google joint venture to establish a permanent colony on Mars. Now seeking applicants for Martian pioneers. Takes the Google moon base from 2004 to the next level.

Added: A co-worker pointed out that all of YouTube’s featured videos are Rickrolls today. And it looks like Google is going all-out with some 15 hoaxes today. *whew!*

The Internet Storm Center is keeping a list as well.

Opera on Acid3: 100% (and now WebKit too!)

We may soon have a winner! It looked like WebKit was going to be the first to pass the Acid3 test, passing 98 of 100 sub-tests earlier today, but internal builds of Opera pulled ahead, and have just reached 100/100!

This doesn’t constitute passing the full test, as the resulting page needs to look exactly like the reference image, but it means they’re very close.

These fixes won’t appear in the upcoming Opera 9.5, since it’s in the stabilization phase as it approaches release (just like any new Acid3-related changes in Firefox won’t make it into Firefox 3), but will probably find their way into the next major version.

We’re in the home stretch. Opera’s nearly there, but WebKit is close behind. WebKit could still catch up while Opera polishes off the rendering issues, in which case Safari would be the first browser to pass both Acid2 and Acid3.

Congratulations to the Opera team, and best of luck in the final lap of the race!

Update: Just a few hours later, and WebKit has caught up, also passing 100/100. And as they point out, it’s a public build, one you can download and try out yourself! The race to pass is going to be very close. Though at this point, it’s almost certain that WebKit will be the first to be publicly accessible.

(via CSS3.info. More at OperaWatch and The Good Life.)

Acid(2) Stare

After looking at how Safari 3.1 handles the Acid2 test, and finding that under some circumstances/platforms it fails the test, I realized: that one line, with the eyes, has been the cause of most regressions in browsers that previously passed the test.

Rows 4-5 test fallback behavior for objects. The idea is that if a page tries to load an external resource, but can’t—the file is missing, the server’s down, the network’s slow, the browser doesn’t have the right plugin, etc.—the page can provide alternate content. And it can be nested, so you can try, say, a video clip that falls back to an SVG image that falls back to a PNG that falls back to text. Read the rest of this entry »

What’s Dynamic About It?

In my post on Webslices, I mentioned that the home page of my Flash site uses server-side includes instead of a static HTML file. But it doesn’t really update that often: maybe 3 or 4 times a month. Is it really worth building that file dynamically? Should I switch from SSI to something more powerful, like PHP, that will let me add headers so that repeat visitors won’t have to re-download the whole page except when it’s actually different? Or should I switch to a static file, with the same benefits but simpler? What am I actually building, anyway?

Looking through the code, I find:

Browser upgrade banners. People using old versions of Firefox (currently 1.5 or older) or Internet Explorer (currently 5.5 or older) get an “Upgrade to Firefox 2″ banner instead of the thumbnail of the current issue of the comic. This is just as easily done with JavaScript—and is done with JS elsewhere on the site. (I used to make some minor adjustments for other versions of IE, but I converted them all to conditional comments a while back.)

Last-modified date in the footer, pulled from the actual file. I’ve already got a script to update this in the static files, so it’s just a matter of adding it to my general update script. A two-minute, one-time change and I’ll never notice the difference.

Latest posts from this blog. Probably better done with an iframe, or maybe using AJAX. Drawback: either method would mean an extra request from the client. On the plus side, repeat visitors would be able to re-use the rest of the page, and only download the 5-item list.

Unique-per-day spamtrap addresses, hidden where harvesters might pick them up. But only a few of them still accept mail and feed it to filters. Mostly, they just waste spammers’ resources. I could easily either get rid of them or change the script to generate a new address with each update instead of each day.

So really, there isn’t much stopping me from using a static file for the most-viewed page on the site, with all the attendant savings in system resources, bandwidth, etc.

On the other hand, I keep contemplating switching to a database-driven system for the whole thing, which would make any changes now meaningless. But since I’ve been thinking about that since around 2000 or so, and haven’t changed it yet, that’s not exactly a blocker!

Update (March 30): I’ve made the conversion to a static file. The blog posts and browser upgrade banners are now done client-side (and run after the rest of the page is loaded), the last-modified date is part of the pre-processing script, and I just removed the daily spamtrap addresses. Now to see whether it actually improves performance.

Webslices and Revisiting Microsummaries

When the first Firefox 2 beta was released, I looked into Microsummaries, a feature that enables bookmarks to automatically update their titles with information. I concluded they were useful, but not for anything I was doing. The main application would be my Flash site, but it already had an RSS feed for updates, and a microsummary could only really include the most recent item.

Now the first IE8 beta supports Webslices. They’re similar in concept, but can include formatted data (not just plain text) and use microformat-like markup on the web page instead of a <link> element in the head.

I figured with two browsers supporting the concept, I’d give it a shot. I adapted the script I use to generate the RSS feed so that it will also take everything on the most recent day and generate a text file, which is used for the Microsummary title. For the Webslice, to start with I just marked up the “Latest Updates” section of the home page. Since I haven’t installed IE8b1 at home, I’m using Daniel Glazman’s experimental Webchunks extension for Firefox to try it out. Unfortunately the extension doesn’t seem to resolve relative links in its current state.

The real question, of course, is whether either technology offers anything better than what feeds can do now.

I think I’ll end up going the external-feed route for the Webslice as well, since it’ll use a lot less bandwidth than having a bunch of IE installations pulling the entire home page once a day. Plus since I’m using SSI on that page, it doesn’t take advantage of conditional requests and caching, and a static file will. But that’ll have to wait. Lost is on in 2 minutes, and after getting up earlier than usual this morning, I’ll probably be going to bed right after the show.

Update: I checked in IE8, and the webslice does work as expected. A few minor differences: Webchunks pulls in external styles, like the background and colors, while IE8b1 only uses styles in the chunk itself. Interesting bit: I’m marking up list items as entries, and IE8 is actually displaying them as a bulleted list, while Webchunks is simply showing the content.

So it at least works. Maybe tonight or Sunday I’ll see if I can refine it a bit.

Web News: Acid3 and IE8

Two items of interest today: First, the Web Standards Project has announced the completion of the Acid3 Test. Like Acid2, it’s specifically designed to test features that are in the specs, but that have incomplete, buggy, or nonexistant support in current web browsers. Acid2 focused primarily on CSS, and Acid3 focuses more on scripting.

Also, Microsoft has come to their senses and announced that IE8, when encountering a web page that says it was developed for standards, will actually treat it that way instead of treating it as a page that was designed for IE7. This is a much saner approach to the version targeting scheme, which as previously announced would have (depending on developer response) either frozen IE in place or forced us to go through the same process all over again next time.

Webbish Links

The WaSP Buzz recently posted several links to CSS resources, including a rather thorough CSS Reference at SitePoint.

The ISC reminds us that IE7 will be pushed out to WSUS next week, which should help get rid of IE6. Yeah, I’d rather more people switched to Firefox or Opera, but I’m at the point where I’d love to be able to stop worrying about IE6’s shortcomings when trying to build sites. IE7’s shortcomings are much easier to work around. (Sorry to keep harping on this!)

The inventor of Norton Antivirus talks about computer security and has some rather interesting ideas on what policies are worth pursuing…and what policies aren’t. Long passwords? Great for protecting a stand-alone machine, but on a 10,000 machine network, they only need to crack one. Patch everything? Not every vulnerability gets exploited. I’ll have to read the Slashdot thread when I have time; that should be really *ahem* interesting.

Getting a Hotel for Comic Con

Tomorrow morning at 9:00 PST, rooms in the convention block go on sale for this year’s Comic-Con International. I was going to write up a bunch of tips last week, but CCI beat me to it by launching their own blog, Staying In San Diego. Visit it today, because it’ll probably be swamped tomorrow. (Though if it’s actually hosted by TypePad, direct visits may not take it down.)

Update Wednesday Morning: Well, I made it through. Oddly enough, in exactly the same amount of time as last year. I had the confirmation number at 10:04. Weird.

Once again, I was completely unable to get through by phone. The website was hit and miss, and actually crashed at one point, serving up only a “500 Server Busy” error. Right after I entered my name and address for a reservation. Nice. The current blog entry is filling up with complaints from people having similar or worse experiences.

Update 2: The Beat has a growing comment thread as well, and notes that the con hotel blog is making noises about trying to get Travel Planners to fix the problems. I think having an official place where they can read exactly what people are going through is helping convey the fact that the reservation system is broken, and that it’s not just the imbalanced supply and demand for rooms. (end of update 2)

I’m going to repeat some of my criticisms about the actual website, which seems designed expressly to make it bog down under this load: Read the rest of this entry »

Net Links

ISC on Targeted Attacks

Hixie’s Natural Log: Come up with the best test for Acid3 Edit: Strike that, Acid3 has been completed.

Spies in the Phishing Underground (via Slashdot)

Rumbling toward IE8

My feed reader is filling up with commentary on Microsoft’s proposal to lock web pages to specific rendering engines (funny how it doesn’t sound quite so forward thinking when you put it like that). Rather than link to a lot of them, I’ll just link to Opera Watch’s post which collects quotes from various standards & browser people.

The IE7/IE6 ratio on this site is still holding above 1 for the month (yay!) at 33.6% to 28.3%.

Also interesting: last week we got our first visit from Internet Explorer 8. Just one visit to Katie’s analysis of Wolfram & Hart’s work comp liability, but it loaded the relevant images, styles, etc., so it looks like an actual browser visit (and not some bot using a fake UA, like the spambot that keeps trying to post comments as Firefox 9). More importantly, it actually came from an IP address that’s assigned to Microsoft and resolves to a microsoft.com hostname, so I think it’s the real deal.

The Right Tool…

I’ve been reading High Performance Web Sites and started thinking about how to apply the guidelines to my own sites (not to mention stuff for work). A lot of them are things I already do: minimize external resources, use compression & cache control, etc. Others are a bit out of reach for a personal site, like using a content delivery network. It got me looking at the way I use scripts, and reminded me of a change I made about a year and a half ago.

Way back when, I put a simple app on my Flash site: a team-name generator for teams of speedsters. It randomly generated a name from two lists, and provided a button to generate another one. I originally wrote it in PHP.

The funny thing was that it was the most-hit page on the site, because people would sit there and hit the button to generate a new name half a dozen times before moving on. And because it was a sever-side script, that meant not just another HTTP hit, but re-downloading the entire web page with only 2 words being different.

Eventually I realized it was much better suited to a client-side app. I rewrote the whole thing in JavaScript, using DOM functions to replace the name on the current page instead of reloading. I left the hooks to the PHP in place, so that it would still work for clients with JavaScript disabled.

• It was much faster — practically instantaneous, in fact.
• It used a lot less bandwidth — 40 KB (5 KB × 8 ) vs. 6 KB (5 KB + 1 KB) for a typical 8-name* scenario.
• Traffic stats more accurately reflected the page’s popularity, as it dropped from #1 to around #30–50.

* Based on a drop from 32,000 hits/month in July 2006 to 4,000 hits/month in September, with the rest of the site staying about the same, it seems people were hitting reload 7 times.

Stylish Links

2008: Year of the Layout Engine - CSS3.info takes a look at the four major categories of web browsers, and where they’re likely to go this year.

Also, Progressive Enhancement with CSS3. This is an approach I’ve been taking for quite a while, particularly with my personal sites, but it’s starting to creep into sites I’m building for work as well. Essentially: Build it to look decent in everything, but throw in enhancements to browsers that you know can handle them.

An example of progressive enhancement: the rounded corners on the tabs on my Flash site. They’re not critical to the design, but it does make it look better in Safari and Firefox. And in theory, Opera and IE will eventually pick up the capability. (Though in this case, since border-radius is still experimental, I’ll have to change the CSS when they do—so maybe it’s not the best example.)

Hey WaSP Webmaster: How to Fix Acid2

With internal builds of IE8 passing Acid2, a lot of people are looking at the Acid2 test with browsers that are supposed to comply… but don’t.

It looks like there’s a server error on www.webstandards.org, and I’m trying to report it—but emailing them is just kicking back “user unknown” errors, and the spam protection on their blog refuses to let me comment, claiming that my user-agent has changed since I read the post. Um, no, I may have looked at it with more than one browser, but the one that loaded it is the one that’s submitting it.

So, Web Standards People, you want to fix your test?

Fix your 404 page.

Rows 4-5 test nested <object> support. The intent of the spec is that if a remote object cannot be retrieved, the browser will instead display the content inside it, on the HTML page itself.

One of the objects is trying to load content from http://www.webstandards.org/404/. Normally this fails, and the browser displays the fallback content — the eyes on the happy face. Right now that page is returning an HTTP status code of “200 OK” instead of “404 Not Found” — so the browsers, including Opera 9, Safari 3, Konqueror 3 and Firefox 3 beta, are all dutifully showing the content of that page in a tiny rectangle with scrollbars.

Update: Thanks to several Slashdot posters for pointing out that the test author, Ian Hickson, has a second copy of the test that points to a different URL for the <object> fallback test, and currently works as expected.

IE8 will pass Acid2

Okay, this will mean nothing to most people out there, but to web developers, particularly those who use standards-based design to maximize compatibility with different browsers, this is monumental.

An internal build of Internet Explorer 8 has passed Acid2.

The Acid2 test was released in April 2005 to test a number of pieces of the HTML and CSS standards that, at the time, no modern browser handled according to spec. The purpose of the test was to prod browser developers into improving their products, and to do so consistently, so that developers would have more tools available for cross-browser sites.

At the time, Microsoft dismissed its its importance entirely. Even though they were working on rendering improvements for IE7, they stated that Acid2 was not one of their goals. Meanwhile Opera and Firefox were both in the wrong phase of their development cycles to make sweeping changes, so Safari jumped on it and became the first browser to pass. (Every once in a while I see someone say Opera was the first, and I have to wonder where they were.) Opera followed with version 9, and the Firefox 3 betas pass it as well.

With Gecko (Firefox), WebKit (Safari), Opera and IE accounting for the four biggest web browsers and the most popular minor browsers (Flock, Camino, Shiira, etc., plus IE shells like Maxthon), this shows unprecedented convergence among clients. It will be much easier to develop a cross-browser website that runs on IE8, Firefox 3, Opera 9+ and Safari 3+.

There are, of course, many aspects of the specs that aren’t covered by Acid2. And there are emerging standards like HTML5 and CSS3. And there are plenty of other bugs, quirks, and extensions among various browsers (IE’s bizarre concept of having layout, for instance, trips up all kinds of weird issues). And then there’s waiting for IE8 to be released, and moving people up from IE7, not to mention all the people we still have to move up from IE6. Full benefit is probably at least 3 or 4 years away. *sigh*

(via WaSP Buzz)