Edit comment LC-1991 for Mobile Web Best Practices Working Group

Quick access to LC-1978 LC-1979 LC-1980 LC-1981 LC-1991 LC-1992 LC-2159

Comment LC-1991

Comment Shortname:

Commenter: Francois Daoust <fd@w3.org>

Message-id:

Section of the document concerned:

[Free text description]Document as a wholeW3C mobileOK Basic Tests 1.0 W3C Working Draft 10 June 2008 Abstract Status of this Document Table of Contents Appendices 1 Introduction 1.1 Levels of mobileOK 1.1.1 mobileOK Basic 1.1.2 mobileOK Pro 1.1.3 Out of Scope 1.1.4 Beyond mobileOK 1.2 Applicability 1.3 Claiming mobileOK conformance 2 Conformance 2.1 Use of Terms must, should etc. 2.2 Validity of the Tests 2.3 Testing Outcomes 2.4 Conduct of Tests 2.4.1 Order of Tests 2.4.2 HTTP Request 2.4.3 HTTP Response 2.4.4 Meta http-equiv Elements 2.4.5 CSS Style 2.4.6 Included Resources 2.4.7 Linked Resources 2.4.8 Validity 2.4.9 White Space 3 mobileOK Basic Tests 3.1 AUTO_REFRESH and REDIRECTION 3.2 CACHING 3.3 CHARACTER_ENCODING_SUPPORT and CHARACTER_ENCODING_USE 3.4 CONTENT_FORMAT_SUPPORT and VALID_MARKUP Note: In the following, an "html document" is a document th... Note: In the following, "regardless of its stated DOCTYPE"... Note: In the following, "a known XHTML version" means XHTML... 3.5 DEFAULT_INPUT_MODE 3.6 EXTERNAL_RESOURCES 3.7 GRAPHICS_FOR_SPACING 3.8 IMAGE_MAPS 3.9 IMAGES_RESIZING and IMAGES_SPECIFY_SIZE 3.10 LINK_TARGET_FORMAT 3.11 MEASURES 3.12 MINIMIZE 3.13 NO_FRAMES 3.14 NON-TEXT_ALTERNATIVES 3.15 OBJECTS_OR_SCRIPT 3.15.1 Object Element Processing Rule 3.16 PAGE_SIZE_LIMIT 3.17 PAGE_TITLE 3.18 POP_UPS 3.19 PROVIDE_DEFAULTS 3.20 STYLE_SHEETS_SUPPORT 3.21 STYLE_SHEETS_USE 3.22 TABLES_ALTERNATIVES 3.23 TABLES_LAYOUT 3.24 TABLES_NESTED A Acknowledgments (Non-Normative) B References (Non-Normative) BestPractices CSS GIF JPEG POWDER RFC 2119 RFC 2616 RFC 2617 Techniques UTF-8 WCAG XHTMLBasic11 XHTMLModularization XML10 XML11 C Relationship between Best Practices and mobileOK Tests (Non-Normative)
or

Refinement of the section concerned:

Status:

open proposal pending resolved_yes resolved_no resolved_partial other assigned to Nobody

Type: substantive editorial typo question general comment undefined

Resolution status:

Response drafted Resolution implemented Reply sent to commenter

Response status:

No response from Commenter yet Commenter approved disposition Commenter objected to disposition
Commenter's response (URI):

Comment:

* About the treatment of HTTP Status 401:
- Why should tests be applied to the response body of such an HTTP
response? The body will never be touched by any browser during the first
pass (when authentication credentials have not already been sent)
AFAICT. Besides, it wouldn't make any sense to display the resource if
it's an included image for instance. It's perfectly normal to count the
response in EXTERNAL_RESPONSE and PAGE_SIZE_LIMIT, but I suggest
updating the "Carry out tests on the response" to "Do not carry out
tests on the response", especially given the fact that the tests FAIL
when credentials are wrong (and so there's no need to test the response
body anyway even for the second pass)
- "Re-request the resource using authentication information" could
deserve some clarification. What if the checker doesn't have any
authentication information? I would clarify this with "Re-request the
resource using authentication information if available or FAIL" (where
FAIL would be HTTP_RESPONSE-7)

Related issues: (space separated ids)

WG Notes: Propose to resolve as "partial". We kept the part on running the tests on the 401 response. We clarified that the test should FAIL if authentication information is not available.

Resolution: On your first point, we think that the tests should be carried on the response body because, as specified in the HTTP (RFC 2616) section 10.4.2 401 Unauthorized, the body of the HTTP Status 401 response should be presented to the user if the authentication fails: "If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity might include relevant diagnostic information" On your second point, we think that the text deserved to be clarified and updated the relevant part to state: "If authentication information was supplied in the HTTP request (i.e. authentication failed) or if no authentication information is available, FAIL" See: http://www.w3.org/2005/MWI/BPWG/Group/Drafts/mobileOK-Basic-1.0-Tests/080707r#http_response

(Please make sure the resolution is adapted for public consumption)