Posts Tagged ‘browsing’
How to handle Tor
I am a frequent user of the anonymization tool Tor. Regrettably, some websites are in the bad habit of blocking requests from Tor without a valid reason—and those that do have a valid reason (e.g. related to spam or malicious attacks) rarely handle the situation appropriately.
Bearing in mind that most Tor users are perfectly legitimate, these are the main errors:
-
Never telling the user that or why the request was blocked.
-
Blocking only parts of a page, creating the impression that something unrelated to Tor is not working, that something unrelated to the website is not working (e.g. a proxy), or that things are working (while they are not).
-
Excluding the user from functionality that is unrelated to the problem. For instance, many forums block Tor with the claim that they are afraid of spam. Well, if so, they may have a legitimate reason to block postings—but not reading! Further, if spam is the problem, then this is probably the wrong solution to begin with: Some combination of registration and verification (CAPTCHA, manual reply to an email, e.g.) would be more effective.
As a natural pendant, the following advice:
-
Do not block Tor (and similar services) unless you absolutely have too—or without bothering to find out what Tor is.
-
Explicitly tell the users that they were blocked and why. Use a message that takes into account that this is a blanket ban of a user group—not an individual misbehaving user.
-
Exclude pages in their entirety or not all. (Some special cases may exist, but none occurs to me at the moment.)
-
Never block users from functionality that does not enhance the effects of the ban (e.g. reading posts, when the purpose of the ban is to prevent writing posts).
Tabbed browsing
One of my pet peeves is sites that screw up tabbed browsing. I have already written an article on How incompetent webdesign breaks tabbed browsing, and will not repeat this discussion here.
However, I am currently in a less than brilliant mode after having added two pages to my blog, despite the anti-tab behaviour of WordPress, and I tend to get rid of my annoyance at things by writing about them:
Carelessly, I clicked on “Add new post” when I wanted to add the first. I soon realized my mistake, and moved on to “Add new page”, keeping the old tab open to copy the contents of the title and main text. So far so good.
Next I proceeded to add the second page, making sure to use “Add new page” to begin with. I made some previews and corrections, was about to hit “Publish”—and noticed that I am somehow on the “Add new post” page again! (Notably, my first attempt at a preview somehow started to reload the wrong tabs.) Now somewhat annoyed, I repeated again, making very, very sure to click on “Add new page”, made another preview, published, and proceeded to make sure that all links are as they should be in the various link listings. To my surprise they were not. I investigated further—and found that the page was somehow published as a post… I delete everything, start over again, and, fortunately, the third time was the charm.
Add to this that the “Preview” functionality is somewhat annoying, using an explicit target page in a manner that also breaks tabbed browsing. Notably, the natural way to open it for an experienced surfer is to manually open a separate background tab and only switch to that tab when (the lengthy) loading is over. The resulting page will, however, not share the target id, which makes for chaos. It would be better to leave these decisions to the user.
(The action names used above are a little approximative, for simplicity.)
Michael Eriksson's Blog 