ritter.vg
How to break the internet: Follow Standards
29 Oct 2009 11:07:23 EST

This probably isn't news to anyone, but the only reason society functions is because people break the rules. If everyone followed all the rules, we'd always be stuck in traffic. Oh and the internet would break.

I'm not even talking about boring stuff like writing CSS how it's supposed to be written - I'm talking about instead of sending a browser the HTML page, how about sending it what it actually requests. You know, a ClickOnce App. You see, there's the concept of an Accept Header that a browser sends, that's supposed to control what the webserver sends you in response. If you ask for HTML, it sends HTML; if you ask for XML, it sends XML; if you ask for JSON - JSON. Seems reasonable, right? It's all REST-y and full of best practices warm fuzzy goodness. You almost want to cuddle up with it, it's so happy-feely. Except if anyone actually obeyed it, everything would break.

You see, Windows provides a way to hook into the Accept Header that IE sends, and as Raymond Chen is so apt to point out - if you give developers a way to do something, they're gonna abuse it. So, if you happen to run Internet Explorer (with Office installed), this is what your browser is sending:

  GET /web/index.html HTTP/1.1
  Host: RecessFramework.org
  Accept: image/gif, image/jpeg, image/pjpeg, application/x-ms-application,
        application/vnd.ms-xpsdocument, application/xaml+xml,
        application/x-ms-xbap, application/x-shockwave-flash,
        application/x-silverlight-2-b2, application/x-silverlight,
        application/vnd.ms-excel, application/vnd.ms-powerpoint,
        application/msword, */*

So you're requesting, in order, a gif, a jpeg, a pjpeg, and then a ClickOnce App. And then a bunch of other Office apps and shit.

Now you can imagine just how quickly someone would get fired at Google, CNN, or Yahoo for deciding to actually honor IE's request. Good thing everyone ignores the Accept Header huh? (On the other hand, it's yet another way to identify IE users independent of User Agent...)
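As an added illustration (not code from the original post or from any site it names), this sketch compares the literal reading of IE's Accept value with negotiation restricted to representations the server actually offers. The function names and the offered types are assumptions made for the example.

```python
# IE's Accept value, copied from the request shown above.
IE_ACCEPT = (
    "image/gif, image/jpeg, image/pjpeg, application/x-ms-application, "
    "application/vnd.ms-xpsdocument, application/xaml+xml, "
    "application/x-ms-xbap, application/x-shockwave-flash, "
    "application/x-silverlight-2-b2, application/x-silverlight, "
    "application/vnd.ms-excel, application/vnd.ms-powerpoint, "
    "application/msword, */*"
)

def parse_accept(header):
    """Return [(type, subtype, q)] in the order the client listed them."""
    ranges = []
    for item in header.split(","):
        parts = [p.strip() for p in item.split(";")]
        if "/" not in parts[0]:
            continue  # skip empty or malformed entries
        q = 1.0
        for param in parts[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = max(0.0, min(1.0, float(value)))
                except ValueError:
                    q = 0.0  # unparsable weight: treat as not acceptable
        mtype, subtype = parts[0].lower().split("/", 1)
        ranges.append((mtype, subtype, q))
    return ranges

def naive_first_choice(header):
    """The literal reading: serve whatever media type is listed first."""
    ranges = parse_accept(header)
    return "/".join(ranges[0][:2]) if ranges else None

def quality(offer, ranges):
    """q of the most specific range matching `offer`, 0.0 if none matches."""
    otype, osub = offer.lower().split("/", 1)
    # Candidate ranges from most to least specific.
    for want in ((otype, osub), (otype, "*"), ("*", "*")):
        for mtype, subtype, q in ranges:
            if (mtype, subtype) == want:
                return q
    return 0.0

def negotiate(header, offers):
    """Choose only among the server's own offers; ties go to server order."""
    ranges = parse_accept(header) or [("*", "*", 1.0)]
    scored = [(quality(o, ranges), -i, o) for i, o in enumerate(offers)]
    q, _, choice = max(scored, default=(0.0, 0, None))
    return choice if q > 0 else None
```

With IE's header, `text/html` is acceptable only through the trailing `*/*`, so a server that offers HTML still serves HTML while the literal reading picks `image/gif`.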

For more details on the header, what different browsers send, and some responses from the IE and Webkit teams, check out Kris Jordan's excellent post Unacceptable Browser HTTP Accept Headers (Yes, You Safari and Internet Explorer).
