Announcing WellDesignedUrls.org

Those of you who read my blog know that I strongly believe in the importance of URL design. For years it bothered me that we’ve see so many URLs on the web that look like the following example of poor URL design from Jeffrey Veen’s 2001 book The Art & Science of Web Design:

http://www.site.com/computers.dll?1345,1,,22,567,009a.html

Back in Aug of 2005 I finally got my thoughts together and wrote the post Well Designed Urls are Beautiful. Well, from anecdotal evidence (I don’t track stats on my blog stats very closely) it appears that post has become my blogs my popular post!The popularity of that post combine with the several others facts inspired me to go ahead and launch a website with the following mission:

"Providing best practices for URL design, and to raise awareness of the importance of URL design especially among providers of server software and web application development tools."

The "facts" I referenced above are:

  • I continue to feel strongly about URL design yet many are still oblivious to the benefits,
  • I still have a lot more to say on the topic, and
  • It appears that good URL design is one of the many tenants of Web 2.0 partly because of AJAX, Mashups, and REST-based APIs meaning that it won’t be such an uphill battle!  

The name of the website/wiki is WellDesignedUrls.org and for it I have the following goals:

  • To create a list of "Principles" as best practices for good URL design,
  • To cultivate how-to articles about implementing good URL designs on the various platforms like ASP.NET, LAMP and Ruby on Rails, servers like IIS and Apache, and web development tools like Visual Web Developer and Dreamweaver,
  • To cultivate general how-to articles and resources for tools such as mod_rewrite and ISAPI Rewrite and others,
  • To cultivate "solutions sets" for mod_rewrite and ISAPI Rewrite and others that can clean up the URLs on well known open-source and commericial web applications,  
  • To grade web applications, websites, and web development tools by giving them a "report card" on how well or how poorly they follow best URL design practices,  
  • To document URL structure of major web applications and major websites,
  • To recognize people who are "Champions for the URL Design cause" (those who’ve written articles and essays promoting good URL design), and  
  • To providing resources for further reading about good URL design.  

The wiki is clearly new and thus a work in progress, so it will probably be a while before it realizes all these things I mention. However, as I have time and am able to recruite others to help, I think it will become an important advocate for good url design and a great central resource for best practices.  And if you’ve read this far, I’m hoping that you’ll consider either contributing when you feel you have something relevent, or at least use start considering the value of URL design in your own web application development and also point people in the wiki’s direction when applicable.Thanks in advance for the help!P.S. I also plan to launch a WellDesignedUrl blog in the near future.

Subscribe to my RSS feed it you want to be notified of when the blog goes live.

I Am Excited about IIS 7.0!!!

I just read Rick Strahl’s article in CoDe Magazine entitled Get Excited About IIS 7.0 and, yes, I am excited! Finally an architecture that makes sense! If (indirectly) addresses my #1 wish for IIS7: a mod_rewrite functionality. Well, it doesn’t address it per se, but it allows me, or any other .NET developer to address it with simple .NET code. Gosh I wish they could have done it sooner! And Rick, thanks for the great article!

Anti-phishing tactic helps the “Well Designed Url” cause

Today Joris Evers on CNET posted an article about the security developers for the four main web browsers discussing how to make surfing the Web safer. One of the tactics mentioned was Microsoft plans for IIS7 to show the URL in the address bar on all Internet windows to help users identify fraudulent sites. Whereas the trend has somewhat been for many websites to eliminate the address bar on their seconday windows to make their websites look slicker — see what happens when the bad marketing wonks get involved, and when techies become over-enamored by techniques like AJAX — this move will shine the light more brightly on the lowly URL.

In the past have blogged about Good URL design for websites and the related topics of wanting Mod_rewrite functionality for IIS and the tool ISAPI Rewrite that gives mod_rewrite functionality to IIS so it is clear I’m passionate about virtue of incorporating URL design into the overall design of a website. More specifically, my personal opinion is that URL design is one of the more important aspects of web design. This even though one person in this world disagrees with me, but Mark Kamoski is wrong. :)

What’s cool about IIS7 requiring the URL to be seen at all times besides the obvious anti-phishing benefits is it will hopefully cause more website stakeholders (marketers, developers, etc.) to think more about the design of their website’s URLs.

And that would be a good thing.

P.S. Actually, I’d love to see all Windows applications do what Windows Explorer does and support a URL of sorts (maybe call it an "LRL" as in Local Resource Locator?) Wouldn’t it be great to see apps like Word, Excel, QuickBooks, and even Visual Studio be written as a series of state changes where the URL/LRL could represent in a user readable format each uniquely-representable state (with some obvious caveats)? Just imagine how that would empower the creation of solutions by composing applications… but I digress as that is the topic for a future day’s blog post.

P.P.S. I almost don’t want to say this next thing as it could obviate the need for exposing URLs to guard against phishing, but I’m too intellectually honest not to. I see a huge market opportunity for Verisign, with the support of browser and server vendors, to enhance their SSL certificates to include a "Phishing-Safe" seal of approval. Today website owners only need pay for a certificate if they are collecting sensitive information, but in the future I could see it becoming a defacto requirement for any website with a login to need a "phishing-safe" certificate, raising the bar on lots of hobby forums sites, etc. But I once again digress… Oops, I should have read the whole article before pontificating here; looks like they are discussing just such a concept.

Links and Discussion related (indirectly) to ISAPI Rewrite

I just found a blog post by Shirley E. Kaiser at her blog entitled Brainstorms & Raves containing an awesome collection of links and related discussion about Apache’s .htaccess.

While admittedly I write mostly for an audience of developers that use Microsoft-technologies, many of the items discussed apply to Microsoft’s IIS if you use a 3rd party tool named ISAPI Rewrite. This tools provides many of the same features of Apache’s .htaccess on IIS via the httpd.ini config file and implements most of its functionality in a manner identical to mod_rewrite on Apache.  I absolutely love this tool and I’ve previously blogged about ISAPI Rewrite as well as The Importance of Well-Designed URLs, the latter of which is IMO the most important reason you absolutely need ISAPI Rewrite if you are hosting a website on IIS.

Anyway, the blog post covers topics and links to articles that:

  • Explain how and why to rewrite and/or redirect URLs,
  • Discuss techniques for reducing hotlinking and bandwidth theft,
  • Talk about blocking bad bots and comment spammers,
  • Covers regular expressions needed to match the URLs to rewrite or redirect,
  • Explains Robots.txt files,
  • Lists which bots are good and which are bad, and
  • Covers HTTP error code.

A great resource!

All I want for IIS7 is my mod_rewrite!

I’ve recently been spending a lot of time pondering and pontificating on web architecture, and it occurs to me that Microsoft’s Internet Information Server (IIS), now in it’s sixth version, is still pathetically lacking in one key feature that I think it critical for properly architecting websites. And this key feature has been part of/available for Apache for a long time in the form of mod_rewrite.

What is this key feature? The ability to create dynamically defined virtual URLs that contain only directories - i.e. URLs that don’t require a file name with a specific extension.  Sure, you can easily support dynamically defined virtual URLs using a custom HTTP Handler with IIS6 and ASP.NET; they will look something like this:

http://www.trucks.com/toyota/4runner.aspx
http://www.trucks.com/nissan/pathfinder.aspx
http://www.trucks.com/honda/ridgeline.aspx

But it won’t support dynamically defined virtual URLs that look like this without some C++ derived ISAPI magic:

http://www.trucks.com/toyota/4runner/
http://www.trucks.com/nissan/pathfinder/
http://www.trucks.com/honda/ridgeline/

However, there is a reasonably inexpensive third party ISAPI filter known as ISAPI_Rewrite that provides this capability for IIS.

In addition, there’s another feature that is needed, and that’s the ability to cleanse HTML output before it’s sent to the browser.  Why would you need that?  For example, if you are using a content management system like DotNetNuke that has a mind of its own with respect to the URL formats it generates and you want use clean and concise URLs you need to be able to filter and transform the HTML after your CMS generates it but before IIS sends it on to the web surfer’s brower.  There is evidently an inexpensive product named Speerio SkinWidgets DNN with a "widget" called PageSwiffer with which you can supposedly filter and transform outbound HTML, though I’ve not tested it.

I‘m sure both of these products are great, but dang it all Microsoft, this functionality really should have been baked into IIS a long time ago. How it is something that should have been this easy to add has been for so long overlooked?

Anywho, here’s hoping these features show up in IIS7.