Re: What about a sticky language browsing?
Joey Hess wrote:
> Damyan Ivanov wrote:
>> This seems acceptable to me. You follow a link to the German
>> translation of the web site and the site keeps that preference unless
>> you tell it otherwise (or ignore cookies).
>
> Lot of scope here for things like posts to Planet Debian
> containing "broken" <img> tags that change everyone's website
> language to Esperanto.
In which case, the practical effect is just a minor annoyance, and the
person responsible gets kicked out.
> Only way to fully avoid such mischief is to use a POSTed form with
> an XSS prevention token.
Or set the cookie with javascript.
But if you want to consider all the cases, then you should also think of
subdomains of debian.org setting a lang cookie for .debian.org, etc.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Reply to: