569 points todsacerdoti | 3 comments
ghxst No.42608396
Something I wish more site owners would consider is that if you expose endpoints to the internet, expect users to interact with them however they choose. Instead of adding client-side challenges that disrupt the user experience, focus on building a secure backend. And please, stop shipping business logic to the frontend - especially if you're going to obfuscate it so badly that it ends up breaking on non-Chrome browsers because that's the only browser you test with.

Of course, there are exceptions. If you genuinely need to use a WAF or add client-side challenges, please test your settings properly. There are websites out there that completely break on Linux simply because they are using Akamai with settings that just don't match the real world and were only tested on Mac or Windows. A little more care in testing could go a long way toward making your site accessible to everyone.

replies(1): >>42608481
1. cookiengineer No.42608481
This.

My favorite experience was trying to file taxes on Linux in Germany.

Turns out the backend on ELSTER had written code that if Chrome and Linux then store to test account. It wasn't possible to file taxes on Linux for over 6 months until they fixed it when they went online as a mandatory state-funded web service. I can't even comprehend who writes code like that.

It also took me a very long while to explain to the BKA that I did not try to hack them, and that they are just very incompetent people working at DATEV.

replies(2): >>42611223 >>42621501
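The two failure modes above (a backend whose storage target depends on the client's browser/OS, and WAF settings only verified on one platform) share one check: replay the same request under several User-Agent strings and flag any divergence. The snippet below is an added example, not code from the thread, ELSTER or DATEV; the handler names, the reconstructed bug and the User-Agent strings are hypothetical.

```python
"""Added example: detect backend behaviour that varies with the client's platform."""
from __future__ import annotations
from collections.abc import Callable, Mapping

# Constructed User-Agent strings for the OS/browser combinations a release
# should be smoke-tested against (illustrative values, not real traffic).
UA_MATRIX: dict[str, str] = {
    "linux-chrome": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0 Safari/537.36",
    "linux-firefox": "Mozilla/5.0 (X11; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0",
    "mac-chrome": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0 Safari/537.36",
    "windows-edge": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0 Safari/537.36 Edg/120.0",
}

Handler = Callable[[Mapping[str, str]], str]


def buggy_select_datastore(headers: Mapping[str, str]) -> str:
    """Hypothetical reconstruction of the bug class described in the thread:
    the storage target is derived from the client's User-Agent header."""
    ua = headers.get("User-Agent", "")
    if "Linux" in ua and "Chrome/" in ua:
        return "test-account"
    return "production"


def fixed_select_datastore(headers: Mapping[str, str]) -> str:
    """Hardened form: the storage target comes from deployment configuration
    (a constant here), never from anything the client sends."""
    return "production"


def platform_divergence(handler: Handler, matrix: Mapping[str, str] = UA_MATRIX) -> dict[str, str]:
    """Run `handler` once per User-Agent and return the outcomes that differ
    from the majority outcome, keyed by platform label. Empty dict = consistent."""
    results = {label: handler({"User-Agent": ua}) for label, ua in matrix.items()}
    outcomes = list(results.values())
    majority = max(set(outcomes), key=outcomes.count)
    return {label: out for label, out in results.items() if out != majority}


if __name__ == "__main__":
    print("buggy:", platform_divergence(buggy_select_datastore))  # {'linux-chrome': 'test-account'}
    print("fixed:", platform_divergence(fixed_select_datastore))  # {}
```

The same `platform_divergence` call can wrap a real HTTP client against a staging endpoint behind the WAF, so a rule that only blocks one OS/browser pair shows up before users do.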
2. eviks No.42611223
> I can't even comprehend who writes code like that.

The government. Case in point...

3. verzali No.42621501
It sounds like the easiest solution would be to install another browser (e.g. Firefox) until they fixed the issue. If it is only the combination of Chrome and Linux that is the problem, that is.