Posts by xlq 14 publicly visible posts • joined 16 Aug 2011
"ModifyHeaders - some websites use If-Match, If-Modified-Since, If-None-Match, If-Range and If-Unmodified-Since HTTP Etags (http://en.wikipedia.org/wiki/HTTP_ETag) to determine whether you have visited them before"
Unfortunately, the Modify Headers add-on cannot block the caching headers. The add-on modifies the HTTP headers before Firefox adds the cache headers. To test, connect Firfeox to a netcat instance, send it an ETag, and see if it returns it.
One can use an HTTP proxy (e.g., Privoxy) running locally to block these headers instead.
It's nice that some writers still know when to end. I think it's better to end a series well than to drag it through a slow and painful death. It's nicer to finish a series and to have enjoyed it, rather than wading through dozens of the later, poorer episodes of a series, scavenging the last few laughs.
What is very worrying is the idea that you can convict something based on probability. Improbable things *do* happen. That is why they are improbable, not impossible.
And considering how many people there are in the world, if it is improbable that an event happens to one person, it is much more probably that it happens to *a* person.
What if someone next to you gets struck by lightning, and you are convicted of assault because it's more likely that you assaulted them than them getting struck by lightning? Bad example, but justice? Pah.
"I don't know if any one rembers in the last few months some one from a surgical department in a hospital who takes care of the instruments used reported that about 50% of instruments where unsafe to use because they where produced incorrectly by hand in Pakistan and India forceps that had sharp edges that where intended for heart opperations, scalpels with badly ground edges he had a display of some common failues he found that should not have left the factory let alone nearly made it into the opperating room and would have if he didn't find them."
It looks like you have run out of full stops. Here. Take these: ......................................
Wow! Multitasking! Samsung has caught up with 1970!
I don't get it. It's 2011. How can they proudly announce that their OS now does multitasking? It's 2011. Surely lack of multitasking is a great big deficiency. That you can do only one thing at once on "mobile devices" seems backwards and rather ludicrous.
HTTP is a stateless protocol, which means between page loads, the web server normally has no way to know who's who. Cookies solve that, by letting each visitor identify itself every request. It works as follows:
<visitor> I'd like to look at this web site.
<server> Sure, here's the web site. Also, next time you visit, give me this cookie (a number), so I know who you are.
... time passes ...
<visitor> I'd like to look at another page. Here's that cookie you gave me last time.
etc.
With this absurd legislation, the server would have to ask permission for the visitor to return the cookie? It doesn't make sense! It's up to the visitor to return the cookie!
Or maybe the exchange would be more absurd:
<visitor> I'd like to look at this web page.
<server> No, you didn't give me any cookies. You can't have accepted our cookie policy. Read this cookie policy instead, asking you to permit me to give you cookies.
* visitor reads page
<visitor> OK, I accept the policy.
<server> Who are you?
<visitor> I'd like to look at this web page now.
<server> No, you didn't give me any cookies. You can't have accepted our cookie policy...
The legislation is just a poor attempt at solving the problem that most users don't know how to control their software.
I said that I use the "Modify Headers" add-on to prevent this.
I found out today that the Modify Headers add-on doesn't actually work with cache-related headers like If-None-Match because Firefox inserts those headers before the add-on has a chance to filter them. That'll teach me not to check things!
Now I've installed and configured privoxy to filter those headers instead. It definitely works now.
Just wanted to point that out, so as not to leave misinformation in my name.
The ETag (entity tag) value is part of the HTTP protocol and is used for caching. It represents the version of a particular resource. On the first request, the browser stores the ETag value it received. On a subsequent request, the browser will send an If-None-Match header with the old ETag value, to avoid downloading the page again if the ETag value is the same.
All you have to do is use a unique identifier for the entity tag and the browser will later return it, just like a cookie. This isn't new. It's one of the methods evercookie (http://samy.pl/evercookie/) uses.
There are a few Firefox add-ons that you can use to prevent this. One that I use is "Modify Headers", which can be set to filter the If-Match, If-None-Match, If-Modified-Since, If-Unmodified-Since, etc. headers. (Yes, the last modification date can also be used for tracking.)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
