Well, and allowing some web site to execute script on your system strikes me as a recipie for hacker invasion. In that light it's a goofy thing for a security focused web service provider, Verisign in this case, to use given that they have far safer, non invasive options. Steve Holmes writes: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: RIPEMD160 > > Yes, I'm almost sure it is. I think what happens is Bookshare hands us > off to Verisign to process the order and at the end of the transaction, > This page comes up. Instructions leading up to this said that we are > supposed to completely return to bookshare for the transaction to > process correctly. Well, This page in its uneditted form confirms my > completed transaction and I did eventually get a confirmation e-mail > from Bookshare confirming this. > > I did write support at bookshare telling them my concerns as there was > another hitch in the process that made me think I might have been double > charged but this final page had a "confirmation number" which I hadn't > seen at any other time so I'm probably out of the woods on that one. > > You're right about the overkill of scripting just to provide a "return > to vendor" type link on a website. I think the biggest problem with web > forms and accessibility is the lack of description or titles for > buttons. How many times have you been to a site where the "confirm" or > "buy now"... buttons are never identified? If you're luck, you can > sometimes gleam a more accurate meaning of the button's function by > parsing information from the button's URL. > > On Tue, Jul 19, 2005 at 03:11:54PM -0400, Janina Sajka wrote: > > Fascinating. Thanks for posting. > > > > If I follow this correctly, the button is the code that reads: > > > > <script > > src="https://seal.verisign.com/getseal?host_name=payments.verisign.com&size=M&use_flash=NO&use_transparent=NO";></script> > > > > If I had to guess, I'd say this was a graphic intended to give you > > confidence in the Book Share SSL Certificate. But, why that requires a > > script, or to be wrapped in a div is beyond me. Might be worth a note to > > Book Share only because they may have better access to Verisgn for > > accessibility issues. I definitely think there are several accessibility > > issues with both the form and this "button." > > > > I don't think Book Share is authorized to just recode this, if it really > > is what I think it is. On the other hand, we need the financial services > > industry to get a better grip on accessibility, and our national > > organizations haven't made much headway in this regard yet. I suspect > > Book Share might get a at least a ripple of consciousness from Verisign > > out of this. At the absolute least they should know that one of their > > power users found the usage inaccessible--meaning that the bulk of their > > users would be even more befuddled. > > - -- > HolmesGrown Solutions > The best solutions for the best price! > http://ld.net/?holmesgrown > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.7 (GNU/Linux) > > iD8DBQFC3WlKWSjv55S0LfERA9EAAKCSaSXJNAI5fRfbmbFOCbzJhb+PpACg9c+Z > KB2nozqZPx3b51NS0IgfaKs= > =PSIL > -----END PGP SIGNATURE----- > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup -- Janina Sajka Phone: +1.202.494.7040 Partner, Capital Accessibility LLC http://www.CapitalAccessibility.Com Bringing the Owasys 22C screenless cell phone to the U.S. and Canada. Go to http://www.ScreenlessPhone.Com to learn more. Chair, Accessibility Workgroup Free Standards Group (FSG) janina at freestandards.org http://a11y.org
