Wednesday, November 30, 2005

One more thing to make "next blog" suck less.

I forgot one very big thing in my previous post about un-suckifying the blog browsing option here at Blogspot/. It's so important I'm prepending it to my list: 0. Get rid of the damned browser-hijacking blogs! And if you refuse to get rid of them, at least exclude them from the "next blog" matches. This is a general problem that has been much discussed around the web already. In short, Blogger's liberal content policy - allowing any Javascript and HTML you like - allows asshat bloggers to hijack your browser. One manifestation is the removal of some or all of the "BloggerBar" - thus generally ending a session of blog browsing, thus frustrating the user and generating Angry Thoughts about this whole "next blog" concept. Another very common manifestation is popup ads (and so-called "popunders") - including the full range of dirty tricks to get around popup-blockers. Today I saw a devilishly clever variation on this: the popup-generating script left the BloggerBar intact but removed the "Flag?" button, making it effectively impossible to complain about the offending blog. For the record, I suspect that was one from the weasels at, but I can't prove it yet. Then we have the somewhat less common "shock and awe" variation: a complete effective takeover of your browser session using plenty of black-hat scripting magic. Ironically, those ones tend to be people showing off (to whom exactly?) and not spamming for dollars. With all these negatives, why allow scripts and embedded objects? I had occasion to think about this not too long ago, and I could only think of two reasons. First, this liberal content policy has presumably been here from the start, and Blogger/Google may be afraid of offending people by removing a "feature." Second, a lot of cool "" goodies like the Flickr photograph I have on this blog require Javascript and/or Flash. A possible third reason: it's hard to automatically tell the difference between "good" and "bad" script content. Hard but not impossible, and Google isn't exactly short on PhD's nor on code monkeys nor on cash, so I can't really count that one. (Hey Sergey: if you don't know how to do this, drop me a line and I'll explain it to you free of charge.) So, in essence, as best I can fathom it, we're stuck with these evil blogs on because Glogger can't figure out how to keep up with the Joneses on features without pissing off their core users. Unfortunate, but fair enough I suppose. However, I think they can do better in the here and now, at least for the rest of us. The solution is simple, as I noted above: exclude anything with scripts/embeds/etc. from the "next blog" browsing area. For people like me who just want to plug in our Flickr photos or somesuch, have approved, interpreted symbols you can drop in your template (and also have some clicky-type way to get them in there without touching the templates). Example: $FLICKR(user=frostman,size=M,stream=DEFAULT,count=1) Come on guys, was that hard? And you only need to do it for the Big Famous Sites. For all the rest, just publish a nice little API. You guys are good at the API thing! Something that updates live and actually needs scripting or Flash? Let them register it and be subject to a "don't piss off our customers" license: $EXTERNAL(id=some-registered-id,block=div,user=frostman,widgets=10) Something I threw together last night and put on my home server? No problem, just don't allow scripting there either: $EXTERNAL(src=,block=div,foo=bar) I could go on, but nobody's paying me to write their blogging software for them. If you read this far without your eyes glazing over, I'm sure you get the point. Introduce it slowly and get people excited about the possibilities. But in any case, start with the "next blog" exclusion for scripted and embedded content. If you don't do that much, "next blog" will remain broken, even if you follow all my other suggestions.

No comments: