|
|
| (2 intermediate revisions by the same user not shown) |
| Line 1: |
Line 1: |
| The goal of this project is to implement a solution that dynamically adjusts the User-Agent ("UA") HTTP header depending on which domain the data is being requested from, along with a mechanism to encourage users to actively take part in evangelizing.
| |
| Spoofing should only be used on websites that close out affected user agents unnecessarily without compelling reasons to do so, enabling small extra features on websites or entering websites that have good reason for closing out certain browsers are no target for this mechanism, at least not at this point.
| |
|
| |
|
| It might be a good idea to extend this even as far as the feature being available as an extension for a greater number of browsers, and showing a "this page discriminates users of some browsers against others" warning even in browsers that do work with a page, with a "more info" button that leads to the web service describing which browsers are discriminated in which way.
| |
|
| |
| This should be achieved through client-side code that is in the mozilla.org source code repository and built into the SeaMonkey suite by default (but also available to any other browser) as well as server-side code available from some public repository, which we will try to get deployed on some Mozilla server. All the code should be licensed under the standard Mozilla tri-license (MPL/GPL/LGPL).
| |
|
| |
| See also my [http://groups.google.com/group/mozilla.support.seamonkey/msg/bcb65044725f294f newsgroup post with wishes for that module]
| |
|
| |
| == Client Code ==
| |
|
| |
| The client-side code for this mechanism is the in-browser part that adjusts the UA header and notifies the user about that. It also needs to fetch new lists for to-be-spoofed domains from the server.
| |
|
| |
| === Backend ===
| |
|
| |
| *The backend code needs to hook into sending HTTP requests to websites and adjust the UA header depending on the domain the request is being sent to.<br>For this, it looks into a locally stored list of domains, and if the currently requested domain is on that list, it uses the spoof technique being specified in the list. This can be adding " (like Firefox)" to the string or something like that, up to using a fully custom UA string specified by the list.
| |
| *Additionally, the backend code needs to be able to automatically fetch new spoofing lists from the server through techniques similar to what Firefox' phishing filter or auto-update functions use.
| |
|
| |
| === Frontend ===
| |
|
| |
| *The browser needs to notify the user through a browser notification bar (like in [http://home.kairo.at/?d=g&p=16069&f.m=orig this image]) that it makes the website believe it is a different browser - transparency is important. This notification also gives us the possibility to display a "More Info..." button that opens the server side's info page (see server code section).
| |
| *We need to offer preferences to activate and deactivate the mechanism and to adjust auto-download of spoofing lists. It may be nice to give power users the possibility to temporarily disable spoofing for a certain domain for testing, but we probably don't want to clutter the normal user's interface with that.
| |
|
| |
| == Server Code ==
| |
|
| |
| The server side manages the spoofing lists that are auto-updated by the client, and provides entry points for tech evangelizing through users.
| |
|
| |
| === Spoofing Lists ===
| |
|
| |
| *Spoofing lists should be available for manual and automatic download for the user/client. It may be a good idea to have them versioned/dated for easy checking auto-update mechanisms, but that may also not be necessary.
| |
| *The spoofing lists should be managed by the community, users should be able to get new domains added - this process might need some moderation though.
| |
|
| |
| === Info page ===
| |
|
| |
| *For every domain in the spoofing list, the server offers an info page, which lists when the domain was added, who added/moderated it into the public spoofing list, what spoofing mechanism is used and why.
| |
| *The page also lists contact possibilities for tech evangelism as far as they are known, possibly also any known replies of admins to evangelism efforts and how far users are encouraged to help in evangelism efforts for this website.
| |
| *Possibly a user comments area can be added to the info page as well.
| |