On Sun, Oct 07, 2012 at 11:08:15AM +0200, Sebastian G. <bastik.tor> wrote: > Thank you for the detailed information. > > >> How can it be achieved that the badge is only active after it has been > >> clicked? > > > > What this means is that the JavaScript would run, but not actually do > > anything until clicked. > > My question wasn't precise enough. As far as I understand it now, a > website owner (admin) can't choose between opt-in and opt-out, right? > > I assumed that > > iframe ="//crypto.stanford.edu/flashproxy/embed.html" width="80" > height="15" frameborder="0" scrolling="no"> > > will be a badge that is running on the users end (opt-out). > > My question was how an admin can achieve to have be opt-in? (Now I > understand that doesn't seem possible.) > > Couldn't you have > "crypto.stanford.edu/flashproxy/embed_opt_in.html" > and > "crypto.stanford.edu/flashproxy/embed_opt_out.html" > to make it possible to choose between them?
This is what I am thinking. Something like <iframe src="//crypto.stanford.edu/flashproxy/embed.html?cookierequired=true"> <iframe src="//crypto.stanford.edu/flashproxy/embed.html?cookierequired=false"> The query parameters are easier to handle from a code point of view. The way it works now is cookierequired=false. With cookierequired=true, clicking on the badge will bring up a yes/no dialog, and set a cookie if yes. I think it's reasonable for the cookie to grant permission across all web sites. David Fifield _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
