[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What about a sticky language browsing?

Joey Hess wrote:

> Damyan Ivanov wrote:
>> This seems acceptable to me. You follow a link to the German
>> translation of the web site and the site keeps that preference unless
>> you tell it otherwise (or ignore cookies).
> Lot of scope here for things like posts to Planet Debian
> containing "broken" <img> tags that change everyone's website
> language to Esperanto.

In which case, the practical effect is just a minor annoyance, and the 
person responsible gets kicked out.

> Only way to fully avoid such mischief is to use a POSTed form with
> an XSS prevention token.

Or set the cookie with javascript.

But if you want to consider all the cases, then you should also think of 
subdomains of debian.org setting a lang cookie for .debian.org, etc.

Raphael Geissert - Debian Developer
www.debian.org - get.debian.net

Reply to: