Jump to content
Kas Ob.

Few do-not in website

Recommended Posts

Trying to login to https://quality.embarcadero.com/login.jsp triggered me and i want to give an advice to everyone 

 

Look at other websites before designing your own, and don't violate your visitor privacy for gain or out of stupidity, this will not run well with the current laws.

 

First 

The above link does ask for CAPTCHA in most ugly way, like this

image.thumb.png.1c3cde68cfc3d5ab37ad9e215ea30750.png

You can see clearly the autocomplete is hiding the thing, no page ever did that stupid thing with captcha under its input field,

 

Second

You want analytics for your site, then that is ok and within your right, but allowing some shady tracking stuff is a NO unless you are planning to sell your domain

I have many extensions in my browser to protect and filter out most the nasty stuff in the https://www.embarcadero.com page, so i went to an extra length to show you this salad

I you want analytics then pick one freaking method instead of using 102340 tracking method, without notifying your visitors, every one should by now have heard about GDPR, and delegating that shit to other 3rd-party doesn't absolve you from consequences.

image.thumb.png.455cac9106140ebd6709ded9ea5c32d4.png

 

image.thumb.png.4d9b1c1e4d2c71edb5a4e6f09442015f.png

image.thumb.png.0187d7c19d5bc7dbcf2e85e51383bea0.png

image.thumb.png.38cfe1150bd47b6139fa8077d71f33ca.png

So Facebook, Google, Tawk, batshit Bing, Twitter, Eloqua, and that very shady en25 script !! was it enough ?

 

 

Don't do that for your visitors, but if you need all of that then you might add yahoo to that orgy and you can ask publicly, we the visitor gladly can suggest few useful tracking links to violate your visitors privacy even more.

 

 

ps: many if you might heard about hidden pixels ( called tracking pixels sometimes) and here you can see them on your beloved site, now you can see it 

image.thumb.png.f392ac39a9febee8e899510976550770.png

 

  • Like 3

Share this post


Link to post
57 minutes ago, Kas Ob. said:

The above link does ask for CAPTCHA in most ugly way, like this

image.thumb.png.1c3cde68cfc3d5ab37ad9e215ea30750.png

You can see clearly the autocomplete is hiding the thing, no page ever did that stupid thing with captcha under its input field,

The login looks like the standard JIRA Server login page so it's probably designed by Atlassian. While they're not known for their usability skills I don't see a big problem with it.

 

You can blame the autocomplete on your browser.

 

As far as the tracking on the main site goes, yeah that sucks. Luckily Firefox blocks all of it.

Share this post


Link to post
12 minutes ago, Anders Melander said:

The login looks like the standard JIRA Server login page so it's probably designed by Atlassian.

Not saying i saw many Jira login pages but never seen this one anywhere, also it is fully customizable as always.

 

14 minutes ago, Anders Melander said:

You can blame the autocomplete on your browser.

My browser autocomplete never failed me 😎, it is always working and never crash my browsing sessions, will not blame it.

Share this post


Link to post
14 minutes ago, Kas Ob. said:

Not saying i saw many Jira login pages but never seen this one anywhere, also it is fully customizable as always.

It's Atlassian. If you want to customize the UI you will have to modify the source and probably recompile JIRA. I think Atlassian invented suckage.

Embarcadero has customized it a bit but I'm guessing they did that by tweaking the CSS. Here's what the standard JIRA Server 7 (they're on v6) login looks like:

image.thumb.png.1cde58b5a2aa53af3faaa76b5803cca3.png

 

 

14 minutes ago, Kas Ob. said:

My browser autocomplete never failed me 😎, it is always working and never crash my browsing sessions, will not blame it. 

So your browser is able to autocomplete captchas? Impressive! Must be that there new artificial intelligence thing I've been hearing about... 🙂

 

 

  • Like 1

Share this post


Link to post
22 minutes ago, Anders Melander said:

So your browser is able to autocomplete captchas?

I used autocomplete and that was wrong wording, i didn't mean autofill.

Share this post


Link to post

@Anders Melander, so ok, they use Jira... I know you said that to add information in order to cater for the OPs ruminations.

 

But i cannot refrain... All decisions are decisions and someone "took" them.

 

M: So we want a captcha.

DV: It's a bit tricky in Jira.

M: So do trickery, then.

DV: OK.

Result: nobody no-one not anyone "own" or remembers this. Kas Ob (and me) suffers...

 

Should have been (1):

M: So we want a captcha.

DV/A: Why?

M....

Result: working login Jira page.

 

Should have been (alt 2):

M: So we want a captcha.

DV: It's a bit tricky i Jira.

A: Why do we want a captcha? Why do we need Jira? What is would the results of a "trick" be?

DV/M/A: [5 hours of weighing scenarios] Fuck captcha!

Result: working login Jira page.

** or **

 

Should have been (alt 3):

M: So we want a captcha.

DV: It's a bit tricky i Jira.

A: Why do we want a captcha? Why do we need Jira? What is would the results of a "trick" be?

DV/M/A: [5 hours of weighing scenarios] Fuck Jira!

Result: Neat and nice clamped down system for doing what is important. Happy Kas (and me)!

 

** or **

 

Should have been (3):

M: So we want a captcha.

DV: It's a bit tricky i Jira.

A: Why do we want a captcha? Why do we need Jira? What is would the results of a "trick" be?

M/A: [5 hours of weighing scenarios] Fuck the DV, get his a** kicked!

Result: Better Emba.

 

My $.005

  • Haha 1

Share this post


Link to post
5 hours ago, Kas Ob. said:

ps: many if you might heard about hidden pixels ( called tracking pixels sometimes) and here you can see them on your beloved site, now you can see it 

image.thumb.png.f392ac39a9febee8e899510976550770.png

 

 

It's kind of funny that they (fb) used the path "tr" for that endpoint. TRacking.

Why did you put the red square on the google gets above and below?

Are you saying the above and below requests are related or is it to emphasize the double square to the right?

Share this post


Link to post
4 minutes ago, Dany Marmur said:

Why did you put the red square on the google gets above and below?

Are you saying the above and below requests are related or is it to emphasize the double square to the right?

Good question, although squaring google gets is a mistake,

look at how manipulative is that, it is done twice by Facebook tracking and identifying system to insure they received your specific information, once with GET and the information are loaded in the path, the second was with POST and the load in the http header and to bypass many filters the request had 0 byte response, in other cases you will see dropped connection without even a response like 200, this and many other tricks are used to fool filters and known blocking methods.

 

Also want to recommend everyone to disable cross site cookies, it is very important and without disabling it in your browser these sites will continue to track every page you visit, Google "prevent cross site cookies" for more information.

One more thing, the welcome page in the IDE is first thing i remove, but does anyone know what embedded browser allow or bring to you? it is for everyone to decide.

Share this post


Link to post
8 minutes ago, Dany Marmur said:

But i cannot refrain... All decisions are decisions and someone "took" them.

I don't get this moaning about the captcha at signup. AFAIK it's an standard option in JIRA so it's easy to turn on or off. There's no effort involved.

My physic powers are limited so I don't know why they chose to enable it but I'm guessing they had a good reason. Apparently others know better.

 

I agree that it would be better to have the captcha above the input field but it isn't really something I can get upset about. Click another field, read the image, enter the text and move on.

Share this post


Link to post
17 minutes ago, Kas Ob. said:

Also want to recommend everyone to disable cross site cookies

You mean "client side", in all invocations of all the browsers i personally use?

 

Server-side i deliver *everything* from the same server. No CDNs, no trickery, no 3rd party anything. Just knockout.js (and bootstrap but that sh*t that will be purged in 6 months hopefully, meaning jQuery will go away too).

 

Thanks!

Share this post


Link to post
1 minute ago, Dany Marmur said:

You mean "client side", in all invocations of all the browsers i personally use?

Yes, meant the browsers aka client side.

  • Like 1

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×