Rewrite the "removing features" section, incorporating "Support Existing Content" from the HTTP Design Principles #588
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
@@ -307,22 +307,39 @@ it might still be possible; see [[#removing-features]]. | |||||||||||||||||
|
|
||||||||||||||||||
| Do not assume that a change or removal is impossible without first checking. | ||||||||||||||||||
|
|
||||||||||||||||||
| <h3 id=removing-features>Prioritize compatibility when changing or removing features</h3> | ||||||||||||||||||
|
|
||||||||||||||||||
| Before changing how a feature behaves, | ||||||||||||||||||
| understand how websites are currently using it. | ||||||||||||||||||
|
|
||||||||||||||||||
| Gaining a good understanding might require research, | ||||||||||||||||||
| for example by adding metrics to a widely-used user agent | ||||||||||||||||||
| or by [searching the HTTP Archive](https://har.fyi/guides/getting-started/). | ||||||||||||||||||
| Breaking content harms users, | ||||||||||||||||||
|
There was a problem hiding this comment. Re @martinthomson's comment, I think we might have a higher-level principle that "The web is stable", which can cover both keeping backward compatibility and ensuring some forward compatibility. I'm inclined to try to merge this change, and then add that one, but I could reverse it if folks prefer. There was a problem hiding this comment. I think you're fine to commit this first. |
||||||||||||||||||
| and the benefit of a change has to | ||||||||||||||||||
| significantly outweigh that harm to be worth doing | ||||||||||||||||||
| [[the-web-is-unversioned]]. | ||||||||||||||||||
|
|
||||||||||||||||||
| The obligation to understand existing usage | ||||||||||||||||||
| also applies to non-standardized or unspecified features | ||||||||||||||||||
| that content relies upon. | ||||||||||||||||||
| This includes vendor-proprietary features and | ||||||||||||||||||
| implementation bugs. | ||||||||||||||||||
|
|
||||||||||||||||||
| Despite this, it is sometimes acceptable | ||||||||||||||||||
| to break some existing content | ||||||||||||||||||
| in order to improve the experience for a large number of web users. | ||||||||||||||||||
| Breakage is more likely to be acceptable if: | ||||||||||||||||||
|
|
||||||||||||||||||
| * Only a tiny amount of existing content depend on the feature or behavior. | ||||||||||||||||||
jyasskin marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||||||
| * Only a tiny number of people see that content. | ||||||||||||||||||
jyasskin marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||||||||||||||
| * The content appears only in test cases or examples. | ||||||||||||||||||
| * The content is already broken in some widely-used user agents, | ||||||||||||||||||
| and either they have not received many bug reports about it, | ||||||||||||||||||
| or the change is expected to improve interoperability. | ||||||||||||||||||
| * The benefit of breaking content is very large. | ||||||||||||||||||
| For example, removing old SSL and TLS versions breaks lots of content | ||||||||||||||||||
|
There was a problem hiding this comment.
Suggested change
There was a problem hiding this comment. "Significant" invites a value judgement of how important the content is, while I was just trying to talk about the amount. We could use "many pages", I guess? But it's also an intentional choice to be somewhat informal here: we're trying to communicate, not impress people. |
||||||||||||||||||
| but prevents even more security breaches. | ||||||||||||||||||
|
There was a problem hiding this comment. Is 'even more' really needed here?
Suggested change
Or perhaps
Suggested change
(or something similar)? There was a problem hiding this comment. @matatk , "even more" could be dropped but it seems to match with "lots of" (or "significant"). Not sure if "far more" sounds better but here it is:
Suggested change
There was a problem hiding this comment. I think it's important that we compare the amount of breakage with the amount of benefit. "emerging" doesn't really do that. "far more", on the other hand, might set the bar too high. I'm not actually sure that we need more instances of benefit than instances of harm, if the severities of the instances compare well, but this is just inside the SSL example, where I think it does prevent quantitatively more potential attacks. @martinthomson would know the details there. We could also pick a different example; this one was just on my mind since Martin had mentioned it recently. The following would be fine with me, if other people prefer it:
Suggested change
There was a problem hiding this comment. +1 for "even more" or "more" |
||||||||||||||||||
|
|
||||||||||||||||||
| <h3 id="leave-the-web-better">Leave the web better than you found it</h3> | ||||||||||||||||||
|
|
||||||||||||||||||
|
|
||||||||||||||||||
Uh oh!
There was an error while loading. Please reload this page.