window.location considered harmful

I have noticed a disturbing trend recently. More and more I am finding web pages that redirect to other web pages using Javascript instead of using the standard http redirect return codes. The http protocol has a method built into it to redirect a browser from one URL to another. There are two such
return codes, “301 Moved Permanently” and “307 Temporary Redirect”. Any tool or browser that understands http is almost certainly going to understand these codes and do the right thing. And in the case of the 301, the right thing may even include updating bookmarks and other such bookkeeping.

However, I am seeing more pages that look like this:

<html>
<script>
window.location=”http://hostname/new/url/&#8221;
</script>
</html>

See the problem? This method of redirection assumes that the tool used to access the page understands Javascript (many do not) and has it enabled (also many do not). As a rule, non-browsers (such as search engines like Google) will not follow this redirection, nor will tools like curl or wget. And for people like me that do not enable Javascript by default for non-trusted sites, all I will get is a completely blank page.

Now, I understand the desire to do it this way. While the software for some web servers allows you to set the redirect for a page in the page file itself, many do not and those that do have no standard way to do it. If there is no way for you to create the redirect yourself, at least include a regular link to the new site like this:

<html>
<head>
<script>
window.location=”http://hostname/new/url/&#8221;
</script>
</head>
<body>
This page has moved to <a href=”http://hostname/new/url”>http://hostname/new/url</a&gt;
</body>
</html>

Also, you should avoid using the meta refresh method of redirection. You know the the one, the “you will be redirected in 5 seconds” thing. If the wait is long, then you end up wasting your time, if it is short then you can’t use the back button to back up past it. The http redirect again does the right thing. The browser does not display anything to the user, and it does not add an unnecessary entry into the browser history.

And worst of all, do not attempt to infer the capabilities of the browser from the agent string. This drives me crazy. I know one web site that uses the Javascript redirect if it thinks that your browser supports Javascript and the meta refresh method if it thinks it does not. Unfortunately, they almost always get it wrong.

Technorati tags: topic:[html],topic:[webdesign],topic:[javascript]

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: