[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kfm-devel
Subject:    Re: Suggestion: cookie improvements
From:       Dawit Alemayehu <adawit () kde ! org>
Date:       2001-01-23 21:32:10
[Download RAW message or body]

Hello Keunwoo,

On Tuesday 23 January 2001 16:04, Keunwoo Lee wrote:
> Recently we had a lecture at our university about design of user
> interfaces for cookies.  The relevant paper, from our Library &
> Information School, is here:
>
> ftp://ftp.cs.washington.edu/tr/2000/12/UW-CSE-00-12-03.PS.Z
>
> A good, if verbose, outline of conceptual principles for cookies.  It
> occurred to me that Konqueror is doing a far, far better job than IE or
> Navigator (all the paper examines, predictably), but we could do even
> better.  Here are some improvements to Konqueror's feature set that could
> bring us closer to the ideas in the paper:
>
> + A "more information >>" button on the "Cookie Alert" dialog box.  This
> could provide more advanced options (like examining the cookie contents),
> as well as information for novice users about what cookies are, and what
> they are typically used for.

Already done for 2.1 except for the description about what cookies are.  IMHO
though this is something that can be defined in the quick help so any user can
click on the WhatisThis button and click on the dialog to get such description.

> + Clearly distinguish between 3rd-party ("send to any server") and
> domain-limited cookies.

This might be a good idea and indeed something to consider for 2.2...

> + Create a clearly labeled "Security and Privacy" menu/dialog, where we
> gather things like cookie policy etc. in one place.  A novice user may not
> understand that "cookies" are intimately related to privacy.  More
> information about SSL would be welcome here too.

This is on my TODO, but too late for 2.1... I also wanted to move other things
underneath  under "Privacy" such as the UserAgent dialog.  Will probably be
done for 2.2..

> + Better options for viewing/deleting individual cookies (I see in the
> source that we have stubs for this, so obviously it's on the agenda).
> Especially desirable would be the option to edit the expiration date on
> cookies (should also be doable from the "Cookie Alert"'s "more
> information" option): I may want to accept a cookie from foobar.com, but
> not one that expires in the year 2038.

Again already there now, except for the ability to edit the expiration date :) 
That seems to be the most request feature.  Yours is a bit different in that
you want it to be editable from the "Alert" box which IMO is wrong.  But
making it modifiable from the cookies managent dialog might be an option...

> + Distinguish between accepting cookies and sending them.  User may wish
> to send previously set cookies by some domain, but not accept new ones.

Hmmm... this indeed is a valid point and something to consider for later as well...

> Conversely, a user might want to accept some "any server" cookies (even
> though such cookies are evil), but *not* send them out to some servers.

This one is a big NO NO IMHO.

> + Distinguish between allowing server cookies and JavaScript cookies (the
> latter can be used to track behavior within an already-loaded page...).

This is doable as well.  Just an extra field...

> Now, principles are good, but talk is cheap, so I may take the time to
> hack these up sometime in the next couple of months (quite busy at the
> moment though, argh).  Of course, if someone else gets inspired and feels
> a burning need to implement it him/herself, I wouldn't mind :).

Well some of the things you mentioned have already done and the others
should not be that difficult ; so if I have more time in the future I will look into
it probably for 2.2 or whatever the next release is...

> It would be nice to have all of this in place for KDE 2.2, at least.
> Privacy is an important concern, and Konq has the potential to be even
> more of a leader than it already is.

No arguments there...

Regards,
Dawit A.

[prev in list] [next in list] [prev in thread] [next in thread]