Just in case your blog is Top Sekrit

[sorry, this post is written in Incomprehensible Geek. If you don’t understand what the four letters and three characters before “www.johnband.org” on your screen to the top-left of this post mean, then it’s not for you. On the other hand, if you’re using a browser esoteric enough that the address isn’t displayed Up Top, then it almost certainly is.]

Does anyone know of a blog that’s hosted on a secure http site? Or perhaps more relevantly, can anyone think of a reason why the hell anyone would choose to host their publicly accessible blog on a secure http site?

What about ftp? Does anyone write a blog in text documents and upload it to their ftp server? Does this strike you as a sensible thing to do? How about writing your blog on Usenet and linking to articles in a “news:xxxx-xxxx-xxxx-xxxx” format? No? How about hosting it on a telnet server, for that true retro 1980s feel?

Let’s be honest, here – if you have a blog, then its URI will always, always, always begin with “http”. So why the sodding hell do some of the comedians who write blogging comments software insist on you including the protocol when asking you for the site address? ‘Ah yes, thanks for rejecting my comment there; after all, I didn’t specify the protocol, and wouldn’t want people to miss my amazing Gopher page’.

Eejits. Just because you’re programming a computer, doesn’t mean you have to accept the same degree of meaningless anality about your inputs that a machine would…

5 thoughts on “Just in case your blog is Top Sekrit

  1. Yes – I think it might have been the only blog ever to have been based on Access and ASP [actually, there are probably some corporate blogs at IIS shops that do the same. Poor misguided fools…]. And I wrote a script that added an "http://" when appropriate, which I /think/ worked OK…

  2. The CIA's website is all https, so if they ever did set up that internal blogging platform I recall hearing about, your https blogs are right there.

  3. My first blog was self-built. Coldfusion (rather than ASP) and Access. I had a short script that checked to see if a URL started with a recognised protocol (there's not a huge number of protocols, so putting them into a list and looping through it doesn't involve much additional processing when it comes to validating form entry, above and beyond whatever regular validation you do). If no protocol existed, it prepended "http://" and Bob was my uncle. I've never understood why so many developers don't take a little more time to sort out form entry and validation. For the few extra minutes it takes, you address 90% of the problems people will have, in practice, with your site.

  4. Future proofing, innit – just because a protocol hasn't been invented yet, doesn't mean you might not want your comment to link to it.

    And you don't want to be looping over a hard-coded list of protocols either, better to check for xxxx: at the start and assume it's http:// if that is not there.

    ^[a-z0-9+.-]*: would be the regex to use.

    (Do I win a prize for geekery above and beyond the call of duty?)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.