[mythtv-users] visit from googlebot

Jacob Steenhagen jacob at steenhagen.us
Tue Oct 3 12:36:24 UTC 2006


> The reason why I feel the Recorded Programs page is a good case for
> ignoring the recommendation is because there is only one way to do a
> POST request from HTML--with an HTML form. Imagine having 176 (my
> current number of recordings) forms and/or buttons on that page. And,
> while it's possible to use JavaScript to submit a POST request in
> response to clicking a link, there are many browsers that don't support
> JavaScriptk, and I'm pretty certain Chris is trying to ensure that at
> least one theme doesn't require JavaScript.

Another way to handle this is to have the link bring up an "are you sure"
page that contains the form. The JavaScript version pops up a message box
asking if it's OK, but the non-JavaScript has no confirmation at all and
simply deletes as soon as the link is clicked.

> So, the best thing to do is keep the Google bot off your website. After
> all, even if Google doesn't delete the recordings for you, there are
> plenty of cretins out there who do Google searches to find unsecured
> MythWeb applications and go in and wreak havoc by changing settings or
> recording rules, deleting recordings, or illegally downloading
> videos/recordings (which could put you in the RIAA's/MPAA's
> crosshairs--even if you're not in the US)

I agree 100% that the best way is to keep unauthorized users out. That's
why I run my MythWeb on an SSL connection protected by a password. Perhaps
other solutions could be put in place to try to protect users from
themselves in that regard. Something as simple as looking for the
environment variable apache sets when you auth w/an .htaccess file and
refusing to continue if it doesn't exist. (There could be a config option
to disable that for people that insist on running unsecured or have
another means of securing their site).

-- 
http://www.steenhagen.us/~jake/blog/


More information about the mythtv-users mailing list