Archive for July, 2005

Wot no body { background-color:white; } ?

Sunday, July 24th, 2005

Yesterday I had a good day at opentech which was good fun and met lots of intersting folk, but I missed an opportunity to ask a Yahoo Search bod - Jeremy Zawodny why their search site didn’t bother setting a background colour, so instead, I’m going to start what’s hopefully not a regular look at sites which fail…

All of the major brands on the web other than Amazon failed to do the most basic QA on their sites, and all of them suffer from developers who don’t really know the common pitfalls of designing. I don’t know why this is, but please sort it out, it really looks bad for your brand - go back to your style guides, and read the bit where it says white backgrounds…

Losing a customer with javascript

Sunday, July 17th, 2005

Javascript can do a lot of good on pages, it can also do some bad. has recently lost a lot of my custom simply because it’s done a few simple things with script which has left me annoyed when using it. It shows how easily you can break user models by adding script to existing pages.

The first problem is specific to IE, Google sniff user agents and serve up different pages, they have some code like this:

<span id=hp style=\"behavior:url(#default#homepage)\"></span>if (!hp.isHomePage('')) { ... }

The problem here is that I have my IE with behavior’s disabled as there’s nothing useful that the built in behaviors do, and the user ones tend to leak so much memory and bandwidth due to the various bugs in them and are only really used to add semi-transparent PNG’s on the web - another thing I would really love to do without! However in this state the above code just throws a javascript error, since without the behavior the hp object doesn’t have an isHomePage method. Google scripters should have predicted this, and a well designed test script on a site serving hundreds of millions of people should have picked it up too. A more normal site may not be worth testing all possible IE configurations, but would you want to lose a customer in that state? Defensive coding would not have annoyed me here.

The next big problem is the onload focus the first text box, these breaks my use model in a couple of ways. The first is the previously mentioned onload is too late. What I’ve always done with google is typed into the box, then tabbed to the search box and pressed space, with the onload focus change, now 1 time in 30 or so the space instead of activating the button puts a space in the search box, completely useless, and I’m an annoyed user again.

Google’s an important site for me, it works well as a search engine, and blocking scripts on google whilst successful here, would mean I couldn’t log into GMail, which I do use (mainly because the W3C lists unsubscribe me if I bounce the spam that find its way onto their mailing lists, so I use it for lists.) Fortunately there is a work-a-round, I can use with scripts blocked and the toolbar configured to use it. This means google don’t get to track what link I click on with their image check onmousedown, but maybe that’s a good thing considering how much tracking they do of everyones activity.

However as they’ve kept making the site more and more unusable as time’s gone by, I’m going to try and wean myself onto another search engine. I managed to make the google toolbar talk to the MSN search engine - the toolbar search term click to find in the page is a feature I use all the time.

Add an ApplianceButtonSite value to HKCUSoftware\Google\NavClient\1.1\Options with a value of, and then you can add a new button to the toolbar to search MSN instead. Hopefully that will be enough to start moving me to a new search engine, rather than one which keeps making its UI worse.

Firefox and Security

Thursday, July 14th, 2005

Firefox 1.0.5 was recently released and it fixed some now published security flaws, nothing unusual about this, and great that they were patched so quickly, the problem comes when I visit the FireFox front page it offers me:
Firefox 1.0.4 for Windows, English (British) (4.7MB). This isn’t good, on hearing about the flaws, the first thing people are going to do is download the latest version and think themselves safe, they wouldn’t be here, 1.0.4 isn’t the latest version.

It seems the problem is due to a possibly useful feature of the page, it looks at your accept-language header and picks out the most appropriate download for you, unfortunately though because the local versions come out later - packaging takes time of course nothing unreasonable there - it means I’m being offered the vulnerable version. Should be simple to fix, the script just needs to make sure it’s offering the latest version before it offers the regionalised one. Unfortunately and are down right now, so I can’t even report this, maybe a blog post will be quick.

The Javascript Archive Network

Thursday, July 14th, 2005

Javascript Archive Network is a new site which claims to be “a comprehensive resource for Open Source JavaScript libraries and software.”, unfortunately simply accessing the site in my IE6 generates two script errors. So it’s not a good start. The authors also desperately need to set a background colour - people, please stop making this mistake!.

So what’s the error, the first is that the HTTP variable is just used without being checked that it exists first, a common error, but one scripters must stop making if the quality of their scripts are going to go up, anyway it’s unfair to criticise the page, it’s really the scripts that matter - So I’ll probably criticise those instead, it’s what normally seems to happen in this blog…

Well I’m not, it’s got a lot of crap in it, it’s got a some good in it, just like CPAN has, what’s really missing is some way to identify the good stuff from the bad stuff, CPAN you can generally do this simply because of the longevity and the breadth of the archive. Hopefully the same could happen with JSAN, but until, maybe there should be some sort of review process on scripts, so that competent scripters get in there and highlight bad things in the scripts. Of course that’s difficult to organise, hopefully adding a comments system to the packages would be a quick cheap way of at least allowing people to comment on scripts, so I’m off to ask the founder bod.