The Uncomplicated Web

Many believe the use of standard data formats prevents innovation. Web developers commonly use this to justify reinventing the square wheel: Compared to standards-based web pages, almost all ad-hoc contraptions exhibit worse accessibility, usability and performance characteristics. This prevents interoperability without providing new functionality.

The following guidelines serve to avoid needless complexity.

A web page must load fast.

A web page must not be annoying.

  • No pagination, except for collections of self-contained compositions or very long lists.
  • No account registration for read access.
  • Provide human-readable URLs.
  • Default font size 1em.
  • High contrast.
  • No autoplay.

A URL must always refer to the same resource.

A web page must use standard semantics.

  • Provide hypertext content in HTML.
    • No plugins.
    • No AJAX.
    • No PDF.
    • No LaTeX.
  • Embed media in standard formats.
    • <img>: GIF, PNG, JPEG or SVG.
    • <audio>: (MP3 or AAC) and Ogg Vorbis.
    • <video>: H.264+AAC and (WebM or Ogg Theora+Vorbis).
  • Provide hypertext content and media in Atom feeds.
  • Layout with CSS.
    • No vendor-specific CSS, use -prefix-free.
    • No JavaScript layout or typography.
    • No SVG layout.
  • Do not invent meaning.
  • Authenticate with HTTP basic auth over HTTPS.

A web page must be media independent.

  • Do not assume hardware, browser or OS.
  • Do not assume turing completeness.
  • Do not assume JavaScript.
  • Do not assume bandwith.
  • Do not assume plugins.
  • Do not assume fonts.
  • Do not assume CSS.

20. Mai 2013 von erlehmann
Kategorien: Rants, Technik | 10 Kommentare

Kommentare (10)

  1. HTTP basic auth over HTTPS – cool idea! Though I worry about having my password visibla cleary in the address bar of my browser. This could be fixed by browsers rendering the password in the address bar with “*”s. This would also prevent that somebody accidentally copypastes the URL somewhere. If the password part is only “*”s, then the user has to make a concious choice and retype his password.

  2. josch, you might be confusing something here. You can give username and password for HTTP auth in a URL – but when you login with HTTP auth, browsers do not display your credentials in the address bar.

  3. erlehmann, just tested this with firefox – indeed it doesnt do that. Good, good…

  4. If you need code: My blog software buddelblag contains a Python HTTP auth decorator example. Caveat: I am fairly sure that the login link is superfluous and the logout request should be a POST, not a GET.

  5. Hi erlehmann,

    Could you post some example sites, please? It would be nice to see some diverse results where your rules apply. If they are aesthetically appealing, great. If not, also great. Both results would give hints why the internet is used how it is used.

    I totally understand your demands, living at the moment in Johannesburg, RSA, where more people were introduced to the internet in mobile, compressed form than in any other way (maybe this is true for the majority of people from Africa?). Bandwith is scarce, slow or more expensive than in Europe. The eurocentric web developer standard (which has no problem in terms of speed or bandwith) affects browsing a lot, f.i. if hyperlinks are uncommented (destination, possible file size, etc.) or if even the first site loads so awkwardly slow that a tea can be brewed in between. [I am crucially aware that with the blogger/blogspot domain, I have not chosen a fast blogging tool thanks to AJAX/flash/etc. Only out of convenience I will stay there until I return to Europe, than I change]
    Thanks in advance, mro.

    PS This is another matter altogether: do you know a way (hyperlinks welcome) to ask via the shell (wget, aria2c) how large an internet file is (explicit filesizes in kb/mb etc)?

  6. I have not yet built a validator, but I plan to.

    Regarding file size, try a HEAD request and look for the Content-Length header: The shell command curl -sIL | grep Content-Length will give you the size in 8-bit bytes (octets).

  7. The validator would be very helpful, your shell command is already! Thx.

  8. in other words: :)

  9. HTTP basic auth over HTTPS is still a bad idea because HTTP basic auth doesn’t support passwords longer than 8 characters.

  10. Prove it.

Schreibe einen Kommentar

Pflichtfelder sind mit * markiert

Before you post, please prove you are sentient.

Was ist der Vorname von Franz Beckenbauer?