[thelist] Site check: Staples.com

[Shawn K. Quinn]

On Tue, 2005-09-20 at 17:20 +1000, Ken Schaefer wrote:
  [I wrote:]
> > There is. It's broken. You buy a car with an obvious defect straight out
> > of the factory, the dealership fixes it at no cost, paid for by the
> > company that made it. I don't think it's unreasonable to expect software
> > companies to work the same way.
> 
> What evidence (other than your opinion) do you have that it's broken? Site
> seems to work perfectly well for me.

The fact that I got a blank page. Thus, it's broken.

> > Yes it is, the same way running every program you get in an e-mail is
> > poor security practice.
> 
> Again, your opinion only.

And that of CERT, as well.

> > I do, for sites that I trust, and only sites that I trust. Everybody
> > else falls back to the non-script alternative.
> 
> So, it's not poor practice. It's a risk.

No, it's poor practice. Quit playing word games.

> > So are people with >$1,000,000 annual income. Are you as quick to write
> > them off as a tiny minority?
> 
> It's all about what makes good business sense. I'm astounded that your fail
> to see that.

Turning away *any* customer based on arbitrary criteria, such as their
browser type, is poor business sense.

> There are *costs* involved with catering to any particular configuration. 

I'm not asking that they cater to any one configuration, just that they
do what works, according to the RFCs and standards, 100% of the time. I
have yet to see an HTTP code 301 or 302 redirect fail to work.

> Unless there's a payoff, there's no point spending the money.

Then don't spend it to go fix it later. Make it right the first time so
the money can be spent on better things. To do otherwise and turn
customers away for no good reason is poor business sense.

-- 
Shawn K. Quinn <skquinn at speakeasy.net>