Sunday, 24 April 2005
Personalised RSS and Cookie Sharing
Should cookies be shared between your RSS aggregator and your Web browser? If they were, sites would be able to automatically personalise the feeds you subscribe to; would people be interested in that, or see it as an intrusion in their privacy?
The possibilities are certainly interesting; if I knew who you were, I could not only modify entries to suit you, but I could also insert an entry into just your feed, saying anything from “Hi” to “Do you want a job?” Of course, advertisers would be especially interested in this.
I’ve done some testing, and can’t find any aggregators on Mac OSX, at least, that do this, even if they use WebKit (OSX’s HTTP and HTML framework). I imagine that WebKit’s developers made a conscious decision to limit cookies on a per-application basis, but I don’t know that there’s any real reason for that.
Stepping back, I think the relevant question is what is the scope of a cookie? The Cookie RFC just talks about “User Agents;” is that a single piece of software on my computer, or is it my computer? In certain lights, the delineation is fuzzy and somewhat arbitrary. The same question could be asked about passwords for HTTP authentication.
One final question — what would the sharing mechanism be? I’d imagine that individual operating systems would have their own way of sharing cookies between applications that use common Web frameworks, but what if your cookies were made available on the Web themselves, as stateful resources?