New URL redirect checks
On 16/09/2020 4:51 p.m., Simon Urbanek wrote:
I can't comment for CRAN, but generally, shorteners are considered security risk so regardless of the 301 handling I think flagging those is a good idea. Also I think it is particularly bad to use them in manuals because it hides the target so the user has no idea what hey will get.
I agree, and we do have \href{}{} in Rd files and similar in other
formats for giving text of a link different than the URL if the URL is
inconveniently long. There's still a bit of a security issue though:
the built in help browser (at least in MacOS) doesn't show the full URL
when you hover over the link, as most browsers do. So one could have
\href{https://disney.org}{https://horrible.web.site}
Duncan Murdoch
Cheers, Simon
On Sep 17, 2020, at 5:35 AM, G?bor Cs?rdi <csardi.gabor at gmail.com> wrote: Dear all, the new CRAN URL checks flag HTTP 301 redirects. While I understand the intent, I think this is unfortunate, because several URL shortener services use 301 redirects, and often a shorter URL is actually better in a manual page than a longer one that can be several lines long in the console and also potentially truncated in the PDF manual. Some example shorteners that are flagged:
db <- tools:::url_db(c("https://nyti.ms", "https://t.co/mtXLLfYOYE"), "README")
tools:::check_url_db(db)
URL: https://nyti.ms (moved to https://www.nytimes.com/) From: README Status: 200 Message: OK URL: https://t.co/mtXLLfYOYE (moved to https://www.bbc.co.uk/news/blogs-trending-47975564) From: README Status: 200 Message: OK
______________________________________________ R-devel at r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel
______________________________________________ R-devel at r-project.org mailing list https://stat.ethz.ch/mailman/listinfo/r-devel