Extracting HTML / JavaScript From A Source Listing

If you do any work on your blog, and the template, eventually you will need to extract gadget source code.

The ability to extract source code can be useful in various tasks.

• Identifying a problem gadget, to others.
• Publishing a gadget on a separate page, by embedding the code in a page or post.
• Recovering the content of a deleted gadget.

In each case, use of the proper text browser or source listing is where I start.

Having produced the source listing, I must find and extract the relevant code which represents the gadget in question.

Here is a very basic example, from my Template Laboratory blog. We'll look at a gadget in the sidebar, which I labeled "Empty HTML Gadget".
HTML13
If I locate the gadget, when viewing the blog - and I am logged in as an administrator, I can use the Quick Edit icon (if Quick Edit is enabled), and identify the gadget by the URL. I can do the same, with the "Edit" link in the dashboard Layout wizard.

http://www.blogger.com/rearrange?blogID=6231987187698503326&widgetType=HTML&widgetId=HTML13&action=editWidget§ionId=sidebar-right-1

In this case, I know to search for gadget "HTML13".

I have this luxury, when I am able to view the blog - or to view the dashboard Layout wizard. If I am identifying a problem gadget - maybe a malicious accessory on somebody else's blog, I won't have that ability. Searching for a malicious gadget may require use of two or more source code listings - plus imagination or deductive reasoning.

But, once I identify the gadget, in the source listing, I can start.
See "id='HTML13'"?
Here is the complete section of code, which this gadget produces.

<div class='widget HTML' id='HTML13'>
<h2 class='title'>Empty HTML Gadget</h2>
<div class='widget-content'>
This is a (<span style="font-weight:bold;">somewhat</span>) empty HTML gadget.
</div>
<div class='clear'></div>
<span class='widget-item-control'>
<span class='item-control blog-admin'>
<a class='quickedit' href='//www.blogger.com/rearrange?blogID=6231987187698503326&widgetType=HTML&widgetId=HTML13&action=editWidget§ionId=sidebar-right-1' onclick='return _WidgetManager._PopupConfig(document.getElementById("HTML13"));' target='configHTML13' title='Edit'>
<img alt='' height='18' src='http://img1.blogblog.com/img/icon18_wrench_allbkg.png' width='18'/>
</a>
</span>
</span>

The code which I need is inside the "widget-content" tags.

<div class='widget-content'>

... (Everything here is the "widget content").

</div>
<div class='clear'></div>
<span class='widget-item-control'>

And, in this case, what I need:

This is a (<span style="font-weight:bold;">somewhat</span>) empty HTML gadget.

This is a very simple example - but you will find, consistently, that you need to look for the proper tag set, starting with "<div class='widget-content'>", and ending with the corresponding "</div>".

Identifying the proper closing "</div>" can be tricky. Many gadgets have nested "<div>" ... "</div>" pairs in the "widget content" - so I search for the "<span class='widget-item-control'>" tag, and work backwards from there.

<div class='widget-content'>

...

</div>
<div class='clear'></div>
<span class='widget-item-control'>

And copy the code, from inside the tag set.

This is a (<span style="font-weight:bold;">somewhat</span>) empty HTML gadget.

Once you practice, you'll find it easily enough.

Now, take the extracted gadget code, and publish the gadget to a specific blog page.

Use Google Drive For Team Document Development

Ever since AutoSave was developed, and added to posts being edited, people have been having problems when editing un published posts.

We see periodic cries of anguish, in Blogger Help Forum: Get Help with an Issue.

I had been working on this post, for weeks! Just as I selected a portion to delete, AutoSave kicked in, highlighted the whole post, and saved an empty post!!

and

I was working on this post, along with another member of the team. We keep making changes, and erasing each others changes!!!

Blogger allows long period editing of un published posts - and they provide team blog ownership - but you'll do better to not use either possibility, with any important projects.

I've been warning people, for a long time, that Blogger is not a Content Management System.

Blogger provides neither Draft mode edits, nor team membership, as compared to a CMS. Both Draft editing, and team blog membership, provides potential for loss of content, that only you (the original blog owner) will be able to recover.

AutoSave, And Editing A Draft Post
We've known about AutoSave, and it's ability to destroy carefully edited posts, for years. AutoSave is known for it's tendency to cause the entire post to be highlighted - and, after you just pressed delete, to save a newly deleted, empty post.

If you, as the author, have been working on a post for days - or weeks, and you save an empty post, your work is now gone. And Draft mode provides no consistent ability to recover previous versions of the post.

Team Membership
Team membership provides either authors (who can only edit their own posts), or administrators (who can edit, and destroy, everything). There is no middle ground.

If you want to have people able to collaboratively edit a post, you have to make them all administrators. When you do that, every team members absolutely must be someone whom you can trust.

If one team member takes it upon herself (himself) to take over the blog, and remove the other members (and you), this is a problem that you must handle - since you made the decision to give control of the blog, to that person. Blogger Support cannot get involved, legally, since it is (was) your blog.

And, even if team members play by the rules, two people, editing the same post, can easily interfere with each other. The Blogger post editor provides no ability for two team members to edit the same post, simultaneously.

Use Google Drive For Collaborative, Long Term Editing
Having noted the limitations, Google has provided a solution. Google Drive provides a real, Content Management System approach to long term, group development of documents, with version based recovery.

Just start a document, and invite people to help you edit the document. When the document is ready, embed it into your blog. You, and your team, can work on the document - and your only very trusted blog administrators can work on your blog.

If you don't like the embedding options, you can download the document as Rich Text or Plain Text, then copy the text into a new blog post and format the post as you like. If AutoSave misbehaves, you have the original Drive document, as a backup.

You can keep the blog, and the document, separate. When you embed the document, you can let some people continue to edit, while others can read the blog / document, as developed - and the general public can, as you like, be unable to view either one. And your trusted administrators / webmasters can develop the host blog.

Blogger and Google Drive, together, provide interesting possibilities. Imagine the possibilities. Use Google Drive, For Team Document Development Use Google Drive, To Develop Important And Group Documents Use Google Drive, To Develop Important And Group Documents

Blogger Blog Readers Unable To Comment, Using OpenID Accounts Hosted By WordPress

We're seeing a scattered collection of reports, mentioning problems publishing comments, using OpenID authentication.

This problem appears to be related to the Blogger rollout of SSL support, for our blogs, which is currently in progress. SSL, or Secure Socket Layer, represents the next step in blog / website security - a step which the Internet community has been taking, for many years.

Blogger has been using SSL (aka "HTTPS" login), in their dashboard, for several years.

https://www.blogger.com

That's a secure Blogger login. The problem with Blogger using SSL in our blogs is that moving to SSL requires care, to avoid confusing our readers. Lack of care will subject our readers to the well known "mixed mode" warnings.

This site has insecure content.

Only secure content is displayed.

Firefox has blocked content that isn't secure.

These are several examples of what were normal, years ago, on many websites. Blogger does not want our readers subject to needless confusion, from these warnings.

Blogger blog owners have been asking, for years, that Blogger support SSL in BlogSpot (and our custom domains).

FaceBook upgraded to SSL, in 2013 - and saw problems with Blogger content.

Last year, FaceBook upgraded to SSL. Blogger blog owners, who were also FaceBook members, watched their Walls, which contained HTTP links to their Blogger blogs, show the "mixed mode" warnings.

The real issues begin to arise, however, when your application must include assets served by servers which also do not support SSL.

...

We’ve all experienced “mixed mode” warnings, with some browsers being much more annoying about them than others. "Mixed mode" means you requested a page over SSL, but some of the resources needed to fully render that page are only available over unencrypted HTTP.

Blogger is offering the option for us to upgrade our blogs, this year.

Now, Blogger is upgrading, so our blogs may (optionally) support the SSL protocol - and not confuse FaceBook members, who post links to our blogs. To avoid the "mixed mode" warnings, which would confuse our readers, they are upgrading all Blogger processes, including OpenID authentication, to support SSL.

The Blogger upgrade has exposed a WordPress inconsistency.

Just as FaceBook upgrading to SSL helped to cause Blogger to upgrade, so is Blogger upgrading to SSL exposing an inconsistency in WordPress use of SSL, for OpenID authentication.

The problem in my case (and maybe in others as well) seems to be that https://yourblog.wordpress.com is send for verification to the OpenId server. This is what I could figure out from the URL. If you than manually replace HTTPS with HTTP, it works.

This comment suggests that WordPress, which in general is using SSL security, has an OpenID server that has not been upgraded.

WordPress needs to check their OpenID servers.

So now, Blogger has to wait for WordPress to fall into step, consistently. Until WordPress upgrades their OpenID server, people who want to use a WordPress OpenID account, to comment on our blogs, will have to select "OpenID", instead of "WordPress" - then enter the WordPress OpenID URL, as

HTTP://whatever.wordpress.com

And wait for WordPress to upgrade their server.

Publishing A Gadget To A Specific Page

Long before Blogger developed static pages, blog owners had wanted to have some accessories or gadgets visible only on specific pages.

Initially, we discovered that gadgets could be displayed conditionally, based upon the URL being displayed. This is a fairly simple task, when you get used to it - but it requires editing the template HTML - and can look a bit scary, to those inexperienced in template editing.

Recently, we realised that some gadgets can be embedded in a page or post, by editing in HTML mode - and accomplish the same. I demonstrated my custom "Contact Me" gadget, using that ability.

Both the technique of embedding a gadget in a page or post - and of conditionally displaying a gadget - have their advantages, and their disadvantages.

Embed A Gadget In A Page Or Post

My custom "Contact Me" gadget, which is provided by Google Docs as an IFrame embedded page, is published in my static page "Contact Me, Improved".

<iframe src="https://docs.google.com/forms/d/1JvoY2yf5aTChnvXlCgGsUerSCtI7RHpRdkq5SPBPm90/viewform?embedded=true" width="700" height="800" frameborder="0" marginheight="0" marginwidth="0">Loading...</iframe>

That's the code for my gadget - you can make your own, in 10 - 15 minutes. You can use this technique with any Google Docs based file.

My expanded Followers gadget is part of my static page, "Followers". The code for that page was provided by Google Friend Connect, and is no longer available. You may now install the "Followers" / "Google Friend Connect" gadget, using "Add a Gadget".

The Followers gadget is JavaScript based, though - and the rendered gadget code can be extracted from the blog source, using any suitable text based browser. Having extracted the JavaScript, it can be added to any page or post, in HTML mode, just as I did to make "Contact Me, Improved".

Display A Gadget, Conditionally

Gadgets which are provided as XML, and do not provide convenient rendered JavaScript code, cannot be easily embedded in a page or post. These gadgets will still be added using "Add a Gadget", and will require the conditional template tweak. My Labels index page, "Topics", is an example of this technique.

Any BlogList or LinkList gadget can be found as rendered HTML, and the code can be extracted - again, from a blog source listing - but both bloglists and linklists are dynamic - and frequently long. If you extract the rendered source, you get a static copy - - which is fine, if you never plan to change your list.

The blog has half a dozen lists, of various types - and I like to add or remove list elements, whenever necessary. I enjoy the Quick Edit feature of the "Peer Resources" bloglist, for instance - and have no intention of publishing that bloglist as a static HTML based linklist. If I was to display "Peer Resources" on a specific static page, I would use the earlier technique of editing the template XML code, and adding a conditional.

It seems as if it should be possible to add XML code, directly, into a page or post. If I discover the appropriate technique for doing that, I will surely update this post.

Know The Alternatives

Just know the alternatives, and choose wisely.

Clearing Cache Won't Always Solve Problems

Sometimes, when diagnosing a problem which involves cache, you may be advised to "clear cache" - or possibly, "clear cache, cookies, and sessions".

Instructions, to do either, may vary according to the problem being diagnosed. Unfortunately, clearing "cache" or clearing "cache, cookies, and sessions", for problems which involve cache, may not always solve the problem at hand.

If you have a problem when viewing your blog - or if you wish to immediately refresh your personal view of your blog, you might clear "cache". If you have a problem with your Blogger dashboard - maybe when switching between Draft and Production Blogger, on the other hand, you would want to clear "cookies". Whenever you clear cookies, you should clear cache, also - so, if you have a problem when maintaining or publishing your blog, you will be advised to clear "cache, cookies, and sessions".

Not all problems involving "cache" will always be solved by "clearing cache" - or even "clearing cache, cookies, and sessions". Clearing browser cache won't help, if the problem involves

• cache outside the browser being used
• cookie or script filtering

Clearing browser cache won't help, if the problem involves cache outside the browser being used. When you clear cache, you are clearing cache in one individual browser.

• If you have other browsers, or other computers, you may have to clear cache there, also.
• You cannot control cache, outside your computer.
• You cannot control cache, on your reader's computers.

There is no permanent solution, for upstream cache. But, there may be a diagnostic step, that helps us understand what is going on.

This is the URL of this blog.

http://blogging.nitecruzr.net/

If I need to access the main page, without refreshing the browser, or clearing cache, I can retrieve the updated content, on a temporary basis.

http://blogging.nitecruzr.net?

A URL containing a "?" is normally used for retrieving a web page, dynamically, with extra settings embedded in the URL.

http://blogging.nitecruzr.net?something

A dynamic retrieval is evaluated immediately, using the Blogger server (in this case) - and without any interference from any caches.

Even without a real need to have the URL evaluated by the server, we can still make the URL dynamic, just by adding the "?" at the end. And this bypasses any cache - including cache upstream from the browser.

http://blogging.nitecruzr.net?

Just remember - this is a temporary solution.

Clearing cache won't help, if the problem involves cookie or script filtering. If you clear cache when diagnosing a problem with the Blogger dashboard, a problem with commenting, or any other problem which requires logging in to Blogger, you will need to clear cookies and sessions, at the same time. This won't always be successful, even so. If a problem starts from improper filtering of private data, you won't solve anything by clearing private data.

Cookies, needed when viewing a Blogger blog, are vulnerable to "third party" cookie filters.

• A preference cookie (aka "cookie") is created under "blogger.com", where an interstitial display runs.
• A session cookie (aka "session") is created under "google.com", where you login.

Both types of cookies are read under "blogspot.com" - or under whatever custom domain, or whatever country code alias, is being used by the blog, as displayed.

Whether a cookie is needed, but non existent - or needed, but can't be read - the result is the same. The reader is unable to continue, and does not get to view the blog, when necessary.

If a problem which appears to be caused by out of date cache is actually caused by a cookie filter, and you clear cache, cookies, and sessions, you won't solve anything. A cookie, wrongly filtered, will continue to be a problem, even with cache cleared.

If a reader is subject to a filter that blocks "third party" cookies, and a preference or session cookie is needed, the reader will be unable to continue. This is a condition that Blogger Engineers cannot program around, because it is part of the security code, in the browser - and helps to protect us from malicious activity, when we surf dodgy websites.

The bottom line is you need to know when to clear cache (and cookies and sessions), in your browser - when you need to clear cache, elsewhere - and when you need to check your cookie and script filters. None of the 3 makes either of the other 2 redundant - advice given in Google - Blogger Help: Fix a Blogger error notwithstanding.

Static Blogs, And Spam Classification

Blogger blogs are starting to become a regular website publishing platform - not just a blogging platform.

Long ago, a Blogger blog was just an online journal, with posts, and text. Then, Blogger added labels, later static pages - and then the ability to replace the home / main page, with dynamic or static content of your choice. Recently, the original limitation of 20 static pages / blog was relaxed (we are not yet certain that the limit has been eliminated completely, however).

Now, you can practically publish a static website, without even having posts, using a Blogger platform. But, is this a good idea, with Blogger "One button" Publishing?

We have people asking various questions, in Blogger Help Forum: Learn More About Blogger, about making a static website.

How do I remove posts from my main page?

and

How do I publish a blog, without posts?

And alternately, in Blogger Help Forum: Get Help with an Issue, we see different questions.

Why can't I get AdSense for my blog?

or

Why did Blogger delete my blog?

or maybe

Why can't I find my blog listed, in Google Search?

And all of these questions may well be just different views, of the same problem.

What you can do, and what you should do, with a Blogger blog, may be two different things.

Other Google services may affect success of your Blogger blog.

A Blogger blog may be subject to standards enforced by different Google services.

• AdSense.
• Blogger.
• Google Search / Webmasters.

What you do with your blog, that may be permitted (or tolerated) in one service, may cause problems with another service.

Too many people start a Blogger blog, and only focus on making money. When they don't have a plan for writing content, they try other, more innovative techniques - and there is where many spam blogs start.

AdSense, the Google ad host service, may be less tolerant of innovative techniques, than Blogger. They have conservative standards for blog content, and for behaviour by blog readers. If you include AdSense ads in a Blogger blog, you may find your blog subject to penalties for excessive / self clicking and low quality content, that exceed Blogger standards.

Even without AdSense being involved, a Blogger blog may be subject to search engine penalties for infrequently updated or non unique content. Low quality content, resulting in poor search results, will leave the blog lacking traffic. If the blog uses a third party ad hosting service, which is more tolerant than AdSense about clicking and content, the ads still won't make a lot of money without traffic.

Don't use your Blogger blog as a gateway to a non Google website.

A static blog, that is designed to generate traffic for a non Blogger / Google website, may be a problem, too. Gateway blogs are a popular technique for many spammers. Blogger actively forbids both gateway blogs, and automated posting. This includes feeds from other websites, when used as post content.

You can combine your Blogger blog with a non Google website - but publish the blog as a blog.

It may be possible to have blog posts visible in a section of the blog - and combine the blog, with a non Google website. Even so, the "blog" portion of the blog will still need regularly published, unique content. This is a requirement, whether you are publishing a Blogger blog - or moving your blog to other hosting.

What you can do - and what you should do - will always differ.

The bottom line is what you can do, with a Blogger blog - and what will lead to a successful blog - may be two different things. You're allowed to do anything, that does not violate TOS - but if you want good results, you need to use common sense.

Use A Blogger Blog As An OpenID Host

We see an occasional request, in Blogger Help Forum: Learn More About Blogger, about commenting and the profile used when authenticated.

How do I have my comments linked directly to my blog? I don't want my comments linked to my profile, with people having to hunt for my blog links!

This person does not understand why we have Bogger / Google / Google+ profiles, linked from our comments.

Even if we can't provide direct links to our blogs, when commenting using a Blogger or Google account - we can do that, if we can comment, using an OpenID account. An OpenID account links directly to our designated blog - when we specify the right blog URL, while logged in using OpenID, to publish a comment.

Your Blogger blog will provide an OpenID account, just as well as a FaceBook or WordPress account will do, for any Blogger blog using Blogger hosted commenting. Blogs using third party commenting systems may, or may not, support OpenID.

Blogger has been providing, OpenID authentication, for comments, for some time.

Getting OpenID to work - to allow comments using a Blogger based OpenID "account", is not automatic, however. The OpenID V1 tags, which are part of the standard Blogger blog header, don't work. You'll need to replace them, with OpenID V2 - and you will need a Blogger account, with a Google / Google+ profile.

Here, as always, I'll advise you to backup the template - before and after tweaking it.

You'll add 3 lines of code. Copy and paste 3 lines (which may display here as up to 6 lines, wrapped), below.

<link href='https://www.google.com/accounts/o8/ud?source=profiles' rel='openid2.provider'/>
<link href='http://www.google.com/profiles/nnnnnnnnnnnnnnnnnnnnn' rel='openid2.local_id'/>
<link href='http://www.blogger.com/openid-server.g' rel='openid.server'/>

Access the dashboard Template wizard, and use "Edit HTML". At the top of the header section, look for the "all-head-content" tag.

Change

<b:include data='blog' name='all-head-content'/>
<title><data:blog.pageTitle/></title>

To

<b:include data='blog' name='all-head-content'/>
<link href='https://www.google.com/accounts/o8/ud?source=profiles' rel='openid2.provider'/>
<link href='http://www.google.com/profiles/nnnnnnnnnnnnnnnnnnnnn' rel='openid2.local_id'/>
<link href='http://www.blogger.com/openid-server.g' rel='openid.server'/>
<title><data:blog.pageTitle/></title>

Then, replace

nnnnnnnnnnnnnnnnnnnnn

with your Google or Google+ profile id. And hit "Save template".

The next time you are preparing to comment, on a blog that supports OpenID based comments, select OpenID, and provide the URL of your blog.

You will have to login, using your Blogger account with the right Google / Google+ profile, and accept the comment. Other than that, it's pretty straightforward.

>> Top

Change Per Post Comment Settings, One Post At A Time

Occasionally, we have a blog owner trying to enable commenting, on a blog - and being unsuccessful diagnosing commenting problems.

Checking the per blog comment settings, in the the dashboard menu under Settings - Posts and comments, there's no obvious problem. The problem, in some cases, is in the per post settings, in the Post Editor "Post settings - Options" wizard - but not all posts will have a problem.

The "Reader comments" setting, for any new post, is taken from the setting for the previously published post. If you publish a post today, with "Reader comments" selected as "Don't allow", the next post will also be set to "Don't allow" - unless you change the setting, before publishing. Similarly, if it's set to "Allow", the next post published will have it set to "Allow".

• Allow
• Don't allow

That's the choices, for each new post.

If the setting for any post is wrong, according to your policy, it's up to you to change the setting, for that post.

Since the per post setting overrides the per blog setting, any existing posts, with the setting "Don't allow", will not allow comments. To change this, you have to edit each post, one by one, and change the setting.

If the setting is "Allow", and you want to disable comments, you have to change the per post setting, one post at a time. Again, any new posts will then have the setting "Don't allow" - but any existing posts will have to be changed, one post at a time.

If you backdate a post, and publish it before any previously published posts, the setting for the previously published posts won't change. If this creates a range of posts, with inconsistent settings - some allowing comments, the others not allowing comments - you'll still have to change the setting as you wish, for each post, one by one.

If the setting for a post is currently "Allow", and a post has comments, you'll have 3 options for that post.

• Allow
• Don't allow, show existing
• Don't allow, hide existing

That's the choices, for each post with comments.

If you're in the habit of changing the comment setting for various posts, you'll want to check the setting, for each new post - and make sure that it's appropriate. Better that, then to have to change a whole bunch of posts, one by one, later.

>> Top

Spam Blog False Positive Classifications Do Exist

No matter what Blogger does with improving the spam classification process, they will always generate some false positive classifications.

The more that they improve the classification process overall, the more obscure the false positive classifications will be. Some false positives will require intense investigation of the blogs, to identify the relationships between the blogs involved - and to prove, to Blogger Policy Review staff, that a false positive classification is present.

Some time ago, in Blogger Help Forum: Get Help with an Issue, I had occasion to deal with a blog owner who was a currency trader, by profession. This person had published a cluster of blogs, where he discussed legitimate issues involved in currency trading.

Currency trading is an essential part of exchange of merchandise, between different countries (the export / import business) - and the Blogger spam classification process had deleted his blogs, as suspected spam hosts.

For you to understand the situation that I'm recounting, you need to understand one principle of currency trading.

When someone sells US Dollars ("usd") and buys Great Britain Pounds ("gbp"), to help a client in the USA import merchandise from the UK, there has to be a second trader, buying US Dollars and selling Great Britain Pounds. The first trader is doing a "usdgbp" trade, and the second, a "gbpusd" trade.

The blog cluster, that was setup by the trader, discussed issues about trades between Great Britain Pounds, Japanese Yen ("jpy"), and US Dollars. The trade combinations possible, with just 3 currencies, would be

1. GBPJPY
2. GBPUSD
3. JPYGBP
4. JPYUSD
5. USDGBP
6. USDJPY

Most traders handle dozens of currencies, in various trades. A staff of a dozen traders would handle all of the world currencies - with some trades involving 2 traders working together, on either end of the trade.

The trader in question had published a cluster of 6 blogs - all using the same base blog name (we will call it "Currency Trading"), which gave him 6 blogs - with legitimate names.

1. Currency-Trading-GBPJPY.blogspot.com
2. Currency-Trading-GBPUSD.blogspot.com
3. Currency-Trading-JPYGBP.blogspot.com
4. Currency-Trading-JPYUSD.blogspot.com
5. Currency-Trading-USDGBP.blogspot.com
6. Currency-Trading-USDJPY.blogspot.com

Each blog discussed specific - and very trade sensitive - issues about trades between the specific currency pairs. Each blog provided relevant and unique discussions about the issues.

Thanks to splog detection, a false positive detection - based on legitimate splog classification technique - had, nonetheless, left this blog owner with 6 deleted blogs.

Thanks to one of my previous IT responsibilities, as tech support for a bank currency trading desk network, I recognised the naming convention used by the 6 blogs, and the reason for the 6 blogs - and was able to convince Blogger Policy Review staff about the problem.

Some blogs are part of legitimate blog clusters, which use well defined naming conventions. Others have names that are coincidentally similar to other blogs, owned by different people.

In either case, the reasons for the naming similarities are where we start, in identifying any spuriously deleted blogs - and in describing the reasons for the spurious deletions. Blogger Policy Review staff have to be made aware of the legitimate reason for a naming similarity, and any other details, so they can make an informed decision.

Knowledge about obscure relationships, such as the naming convention for currency trading blogs, are not part of every Blogger helper or staff persons background. Sometimes, the blog owner has to provide details, objectively and patiently, to help convince Blogger Policy Review to restore the blogs involved.

Unfortunately, not all blog owners are patient enough, to be interviewed, to some degree of success. Also unfortunately, some self stated blog owners are actually hackers or spammers, misusing Blogger Help Forums resources.

Some owners of legitimate blogs claim that their being subjected to an interview shows suspicion placed on them, rather than an attempt to identify the problem - and successfully prove, to Blogger Policy Review staff, that a false positive spam classification is present.

The complicated and devious relationships, involved in some spam review request investigations, make a Tom Clancy novel seem like a 5 minute segment of the 6:00 news.

>> Top

GPT / PTC / PTS Content Is Not Welcome, In Blogger

One of the most easily overlooked details, about Blogger blog content, is that GPT / PTC / PTS Content is not suitable, for Blogger blogs.

Blogger Content Policy has a section which describes GPT / PTC / PTS Content, in passing.

Spam: Spam takes several forms in Blogger, all of which can result in deletion of your account or blog. Some examples include creating blogs designed to drive traffic to your site or to move it up in search listings, posting comments on other people's blogs just to promote your site or product, and scraping existing content from other sources for the primary purpose of generating revenue or other personal gains.

Unfortunately, spammers have been very subtle, in their description of various make money fast programmes - and not so many blog owners think it necessary to contact a lawyer, to interpret the Content Policy document, when planning their new blog.

Too many blog owners, asking the frequently seen question in Blogger Help Forum: Get Help with an Issue, get answers they are not prepared to see.

Why was my blog deleted? I need the money from the blog, to feed my family!

And they are told, simply

GPT / PTC / PTS / PTV content is not welcome, in Blogger.

This response does not please them.

Maybe, education can reduce the popularity of GPT activity, in Blogger.

"GPT" is a collection of fraudulent and illegal activities.

"GPT" (aka "Get Paid To") is a collection of various activities.

• PTC, aka "Pay To Click" involves people clicking on ads, to earn the blog / website owner money.
• PTS, aka "Pay To Surf" involves people clicking on links, to access the blog, and to earn the blog / website owner money.
• PTV, aka "Pay To Verify" involves people solving CAPTCHAS, so spammers can publish spam, as Blogger blogs and comments, and in our email, using high volume publishing scripts.

These various activities have been carefully packaged, as useful "make money fast" techniques, by the more successful spammers, who called themselves "marketing consultants".

Ads are placed on peoples blogs, so the readers of the blogs will view the ads and buy the merchandise. People who sit in front of their computers, clicking away, are not looking at the ads, or planning to buy the merchandise.

GPT (PTC / PTS / PTV) is a type of fraud. Any blog which provides advice on using GPT - or uses GPT techniques to increase blog activity - encourages the fraud, with clever ads, and shiny payment programmes. Ask yourself how the various GPT "Services" make the money, that they pay to the blog owners, for hosting their ads.

If "GPT" was really lucrative, would the expert waste time selling it?

If the blog owner, who shows you the GPT programme, really had a way to get rich, would he waste effort, telling you how to get rich? No, he would be busy getting rich, without you. Blogs, with ads telling you how to get rich, are not showing you how to get rich - they are helping the blog owner to get rich - and you are paying for his success.

Who pays you to sit at your computer, and solve CAPTCHAs, all day? The people who sell the commercial scripts, that enable spammers to setup accounts and publish spam - like spam Blogger accounts, spam Blogger blogs, and spam Blogger comments. You are just a minimum wage employee, who makes the CAPTCHA solution section of the script run, and produce the spam accounts, blogs, and comments.

Abuse detection, like highway traffic enforcement, doesn't take place in every spot on the globe, on a 7 x 24 x 3600 basis. Some people get caught (blogs get detected), other people (blogs) go un detected - from day to day.

To put and end to "GPT" and other fraud, we go one blog, at a time.

For abuse classification to produce results, each blog must be classified, on its own, as detected. Other illegal blogs will be classified, later.

If you start a blog, fill it with GPT content, and publicise it using GPT technique, you'll be one more blog owner lamenting, in Blogger Help Forum: Get Help with an Issue.

Why was my blog deleted? I worked hard for 1 year, spent much money advertising!

Start a new blog, with legitimate, interesting, unique, and useful content, based on a subject that interests you. Don't become one more victim, of advice from the older spammers.

Private Blogs, And Dynamic Blog Access

Occasionally, someone may publish a blog as private, invite / accept readers, then later decide that results are not as positive as desired.

It's easy enough to change a blog, from Private to Public. Just go to the Permissions wizard, in the dashboard menu Settings - Basic, and change Blog Readers from "Private" to "Public".

Unfortunately, this may not leave everybody able to access the blog.

I made my blog public, last week. Some of my friends are now seeing

Your current account does not have access to view this page.

Why is this still an issue?

The blog owner, in this case, is seeing the effect of cache, and authentication.

In many cases, simple instructions to "clear cache, cookies, and sessions" may resolve this problem. This does not always work, however - and the mystery why it does not always work may frustrate us, almost as much as the original symptom.

Sometimes, clearing private data - even though it may be a bit drastic - does nothing to resolve the problem at hand.

I just did that - and there's no improvement!

Now, we suspect that there is a cache, outside the browser, that can't be cleared.

There is no permanent solution, for upstream cache. But, there may be a diagnostic step, that helps us understand what is going on.

This is the URL of this blog.

http://blogging.nitecruzr.net/

If I need to access the main page, without refreshing the browser, or clearing cache, I can retrieve the updated content, on a temporary basis.

http://blogging.nitecruzr.net?

A URL containing a "?" is normally used for retrieving a web page, dynamically, with extra settings embedded in the URL.

http://blogging.nitecruzr.net?something

A dynamic retrieval is evaluated immediately, using the Blogger server (in this case) - and without any interference from any caches.

Even without a real need to have the URL evaluated by the server, we can still make the URL dynamic, just by adding the "?" at the end. And this bypasses any cache - including cache upstream from the browser.

http://blogging.nitecruzr.net?

Just remember - this is a temporary solution.

If you forget to use the "?" later - and you retrieve the old web page, still in cache, don't be surprised to keep seeing

Your current account does not have access to view this page.

Until the cached page expires normally, from the cache that you can't control, that's going to still be a possibility.

>> Top

'Good Enough' Never Is, With Custom Domains

This month, we're seeing an interesting collection of problem reports, in Blogger Help Forum: Get Help with an Issue, about custom domain setup.

Why is my blog offline - occasionally?

And

Why do some (just some!) of my readers tell me they can't see my blog?

Investigating the problem, we see that the domain is, indeed online - some of the time.

Investigating the DNS addressing, robustly, we find an all too frequently seen set of name servers:

mydomain.com. 14400 IN A 216.239.32.21
www.mydomain.com. 14400 IN CNAME ghs.google.com.

What we see here is a domain, setup by someone who thought that one server would be 'good enough' to get by.

One server will, sometimes, get by - for a while, and for some people.

What some blog owners fail to realise, though, is that DNS service is never the same, all over the world (or the Internet). People in some places will use one DNS name server - and people in other places will use another.

And similarly, DNS service is never the same, from day to day. Today, you might need the services of one DNS name server, and tomorrow you might need another.

This month, we're seeing a number of reports that suggest that the Google name server at "216.239.32.21" is not responding for everybody. Now - don't everybody, who has a custom domain published Blogger blog start spitting coffee, and calling their registrar for emergency support.

People who have a properly setup domain should not worry, needlessly.

mydomain.com. 14400 IN A 216.239.32.21
mydomain.com. 14400 IN A 216.239.34.21
mydomain.com. 14400 IN A 216.239.36.21
mydomain.com. 14400 IN A 216.239.38.21
www.mydomain.com. 14400 IN CNAME ghs.google.com.

People with domains that provide a robust set of addresses are in better shape. The odds that all 4 name servers will fail, simultaneously, is near zero. It's much better than those with one name server, that is 'good enough for me' - and that, right now, provides the basis for this post.

Really, folks.

mydomain.com. 14400 IN A 216.239.32.21
www.mydomain.com. 14400 IN CNAME ghs.google.com.

One "A" name server was good enough for you, last month. It's not, now. How many of your readers, since last month, saw

404 Not Found

How about your search reputation. What happens, when your blog is being indexed, and the search engine gets

404 Not Found

Neither your readers, nor the search engines, appreciate

404 Not Found

And both will react, negatively - and you won't like the results.

'Good enough' isn't - for everybody, all of the time. And this affects the reputation of your blog, both with people, and search engines.

Comments, Owner Choices, And Reader Choices

Much of what we do in life - and what we do when using Blogger - is based upon, and limited by, choice.

Some choices we get to make, for ourselves. Other choices are made for us, by people who make their own choices.

Some blog owners do not want their readers to have to login to Blogger, to comment on their blogs. Other blog owners do not want their readers to have to solve a CAPTCHA, to comment on their blogs.

A few blog owners do not want their readers to have to do either.

It seems anyone who wishes to leave a comment, will have to do some form of login, either via Google or a CAPTCHA, to do so! Is there a reason for this, would it not be easier, for anyone to just leave a comment?

And the answer here is simple.

It would be easier, if neither were required.

But reality - involving activity by spammers, and activity to counter spammers - leaves some of us with less choices.

Long ago, Blogger allowed anonymous comments, without a CAPTCHA to solve. Spammers benefited from that possibility.

Later, Blogger added the ezCAPTCHA, to be required at the owners decision. Some owners chose to not select the CAPTCHA, because their readers were inconvenienced. Spammers continued to benefit from blogs which allowed anonymous comments, and no CAPTCHA.

Recently, Blogger added the non optional reCAPTCHA. This requires anybody not logged in to have the choice - login, or solve a CAPTCHA.

Unfortunately, the latter change made the third party cookie filter issue more critical. People who are already logged in, but are subject to third party cookie filtering, have to login, or solve a CAPTCHA. This requirement may vary, according to the variant of the commenting form, used by the blog.

Now, a blog owner has 4 choices, to control anonymous comments.

1. Don't allow anonymous comments, and don't require a CAPTCHA. People who are not logged in will have to login, to comment.
2. Don't allow anonymous comments, but require a CAPTCHA. People who have not logged in will have to login, and solve a CAPTCHA.
3. Allow anonymous comments, and don't require a CAPTCHA. People who have not logged in will have to either login, or solve a CAPTCHA.
4. Allow anonymous comments, and require a CAPTCHA. People who are not logged in will have to solve a CAPTCHA.

Some people will have to either login, or solve a CAPTCHA, to comment. Depending upon what choices are made by the blog owner, the readers may have any 2 of 3 choices.

1. Solve a non owner optional reCAPTCHA.
2. Solve an owner optional ezCAPTCHA.
3. Login.

You'll like the ezCAPTCHA a lot more than the reCAPTCHA.

People who are logged in to Blogger / Google, and are not subject to third party cookie filters, may not see a CAPTCHA - and will not have to login to comment. People who are logged in, but are subject to third party cookie filters, will have to either login, or solve a CAPTCHA.

Owners of blogs which attract readers, who choose to maintain their cookie filters, will benefit more from the new CAPTCHA, than owners of blogs which attract readers who do not choose - or do not care - to maintain their cookie filters.

To make the choices easier to understand, Blogger would have to make "Require CAPTCHA" a binary option, for at least 3 comment authentication levels.

1. Anonymous.
   • Require CAPTCHA.
   • Don't require CAPTCHA.
2. OpenID.
   • Require CAPTCHA.
   • Don't require CAPTCHA.
3. Google account.
   • Require CAPTCHA.
   • Don't require CAPTCHA.
4. Members.
   • Require CAPTCHA.
   • Don't require CAPTCHA.

If Blogger were to offer this binary option, too many owners would select "Anonymous" / "Don't require CAPTCHA" - and spammers would continue to flood the spam filters - as they were, before the latest update.

As long as spammers choose to do business - and choose to target our blogs, in their business - our choices, as blog owners and readers, will be limited.

>> Top

Clearing Cache, Cookies, And Other Website Data

Most of us, as we surf the Internet, are going to surf some websites, repeatedly.

Everybody has favourite websites. When we surf the same website, over and over, some of what we do and see may not change a lot.

To keep us from wasting our time, and generating unnecessary network traffic, our browsers keep track of the websites that we visit over and over, save records of what we do and copies of what we see, and note what has changed. The website content, stored locally, is known as "private" data.

There are times when we need to clear "private" data. Note the different browsers - and the different menus and selections, provided by each browser.

• If you have a problem when viewing your blog - or if you wish to immediately refresh your personal view of your blog, you should clear "cache".
• If you have a problem maintaining or publishing your blog - maybe when switching between Draft and Production Blogger, you should clear "cookies".
• Whenever you clear cookies, you should clear cache, also - so, if you have a problem when maintaining or publishing your blog, you should clear "cache, cookies, and sessions".

There are other reasons for clearing private data - but there are also reasons for not clearing private data, indiscriminately. It will be worth your time, to understand what and when you should clear - and not clear.

Normally, you would not, routinely, clear private data.

What if you use a publicly shared computer - maybe in a coffee shop or library? Or maybe, you carry your computer to a coffee shop or library? Do you want your private details - such as account names, passwords, even a list of what websites you surf - being available for other patrons of the coffee shop or library, after you leave?

Most of us do not want our private details, visible to any curious fellow patron - or maybe to our family either. But not all data is equally as damaging, if revealed to strangers, or to people who know us.

To help us keep our private lives private - yet not waste time or generate unnecessary network traffic, our browsers offer us the opportunity to save some content, and to delete other content - when we know what options are available to us.

• Cache.
• Forms.
• History.
• Passwords.
• Preference cookies.
• Session cookies.

Cache is simply locally stored copies of code and static pages, that you and other people, using the computer, might accumulate. Cache contains no sensitive, personally identifying material - other than (again) possibly identifying what websites you have visited.

If you share a computer with another person, identifying what websites you visited, and what websites the other person visited, will require knowing times each of you used the computer. There are no personal identifiers which indicate which of you visited a given website.

Forms contain online entered data, such as account names. Forms are slightly less sensitive than passwords, since they may contain large volumes of random data. Look at the boxes in the Blogger dashboard - those are all forms. Hidden in the forms, you may find an account name - or an email address. It's like asking how dangerous a needle may be, in a stack of hay.

History is a log, describing what websites, and website pages, that you have visited. History might be important if having people, other than you, know that you visit certain websites; other than the personal embarrassment possibility, history is relatively harmless.

Passwords are the most sensitive bit of data, that you can store on your computer. Someone extracting your passwords, on a per website basis, can use your account in each website, to operate as you. An online password is just as sensitive as the password (aka "PIN") that you might enter at an ATM.

Preference cookies (aka "cookies") are local storage of website relevant details. Preference cookies are miscellaneous settings, used to remember choices which you might make, when viewing a given website, repeatedly. Some browsers identify "preference cookies", and "session cookies", collectively, as just "cookies". Firefox, in various places, identifies "preference cookies" as "cookies", and "session cookies" as "sessions".

Session cookies (aka "sessions") are a cookie, designated by some browsers, as containing login identifiers, and other data relative to one website visit (but let you extend one "visit" to include multiple browser openings and closings). Firefox designates the Blogger login cookie as a session cookie. This is why, when I advise you to clear Blogger dashboard problems, I always specify clear "cache, cookies, and sessions".

In order of sensitivity, I would rank the above elements in a different order.

• Passwords.
• Forms.
• Session cookies.
• Preference cookies.
• History.
• Cache.

Look at cache, to start. Cache is locally stored copies of content, from remote servers. Other than inadvertently revealing our favourite naughty content, there is no danger in cache content being seen to other people. There are three scenarios, when we might want to clear cache.

• To clean up the computer, when it is running slower than normal.
• To provide an up to date copy of a website, immediately.
• When investigating a website login problem, such as a Blogger dashboard problem, which requires clearing cookies.

Cache takes up thousands as much space as cookies, and as passwords.

At the other end of the sensitivity scale, you find Passwords. My personal advice is to not store passwords, period. If you want convenience when accessing a website like Blogger, which offers long term login sessions - when you use a private and safe computer - simply don't log out, from Blogger. If you never clear session cookies, you never have to log out.

If you enjoy the convenience of online banking, on the other hand, you should always log out after an online banking session. If you never store passwords, for online banking, you never have to worry about clearing passwords.

In the middle of the scale, we find Cookies. A cookie is a small, encrypted file, which contains a single setting that lets us visit the same website repeatedly, without having to re enter something.

The Google login cookie (aka "session" cookie) lets us visit Google (and Blogger), and maintain our blogs, without having to login, over and over. This is the infamous "third party" cookie which we need, to use Blogger readily.

Cookies, since some provide login data, are encrypted. Open a cookie file, using a text reader, and see what is there (But do not use "Save" to close the text reader), if you wish to understand.

If you have a problem when viewing your blog - or if you wish to immediately refresh your personal view of your blog, you might clear "cache". If you have a problem with your Blogger dashboard - maybe when switching between Draft and Production Blogger, on the other hand, you would want to clear "cookies". Whenever you clear cookies, you should clear cache, also - so, if you have a problem when maintaining or publishing your blog, you will be advised to clear "cache, cookies, and sessions".

If you have inconsistent private data (cookies don't properly match cache or scripts), you may have to deal with one of the mysterious bX codes. When this happens, then clearing "cache, cookies, and sessions" may be one of the first things to try.

Note that not all problems involving "cache" or "cache, cookies, and sessions" may be solved by "clearing cache" or even "clearing cache, cookies, and sessions". Some problems may require corrected filtering. Also, not all problems, that involve cache, can be necessarily solved by clearing browser cache.

All of these are personal preferences, which I exercise - when using my own personal computer, in the privacy of my home. Other people may be more strict - or some computer owners may never clear anything. When using your computer outside your home - or maybe, when using a public computer - you may wish to be more careful.

My personal advice, for using a public computer, is simple.

• Never, except in an absolute emergency, use a public computer for online banking.
• Whenever finishing a session on a public computer, always clear all private data, and restart the computer.

Some short term use public computers, such as stand up terminals in libraries and shopping centres, are specially designed to reload the entire system configuration, and operating system, and wipe all "private" data, after each individual person has used the computer. If you must use a public computer, those would be the safest ones to use.

Similarly, if you carry your own computer outside your home, you may be concerned with other people seeing what's on your computer, intercepting your network activities (if you use a public network), and / or stealing the computer. Depending upon which possibility concerns you, you might take any or all precautions, before carrying the computer out the door.

• Clear passwords (if you store passwords, locally).
• Clear history and cache (if you fear people browsing your computer).
• Clear all private data (if you fear theft).

Who knows what embarrassment (financial, and personal) you might save yourself, by thinking ahead?

Confusion About GMail Vs Non GMail Based Email

Long ago, when diagnosing a problem thought to involve email, in Blogger Help Forum: Get Help with an Issue, we would ask a very simple question

Is your Blogger account based on a GMail - or non GMail - email address?

And we would carefully add

Please, do not state your email address, here!

The latter request was to prevent theft of peoples Blogger accounts.

Now, in many cases, we must qualify the question of email address. We also ask.

Is your email provided by your employer, ISP, or school network?

and even

Do you read your email in a browser window, or a local email client?

Modern email distribution is not always homogeneous.

Both questions reflect the complex nature of email delivery, that is a part of Internet reality.

Few people can accurately diagnose their problems, based only on the simple question

Is your Blogger account based on a GMail - or non GMail - email address?

The lines between GMail, and non GMail email accounts - and addresses - are not absolute, any more.

Both GMail and non GMail addresses may be used in a local network.

GMail, and non GMail addresses, alike, may use GMail browser based email, in delivery and display. And GMail accounts may use non GMail email systems, for addressing, delivery, and / or display.

These variations can lead to interesting scenarios such as mysterious loss of blog membership invitations, and of email subscriptions. And options for Blogger account recovery become more complicated - with password synchronisation issues, between the email account and the Blogger account.

Thanks to Google Apps based domains, and the ability to provide non GMail addresses which use GMail, anybody can use a non GMail address with GMail based delivery and display. Some people have even setup Blogger accounts, based on Google Apps based email addresses (again, appearing to be non GMail based) - though this is not recommended.

Managed domains may use GMail delivery, and a non GMail email address.

Corporate email systems, ISP provided email, and schools (of all grades, elementary through university) may use Google Apps based email. Many large local network based email systems have been "upgraded" to use cloud based email, such as GMail, for delivery and display. The results are not always beneficial.

And, thanks to "push / pull" GMail options, where an individual GMail account can be configured by a knowlegeable account owner, even individual account owners can use a GMail address, with non GMail delivery and display - or can use GMail display, for non GMail based address / delivery.

With computer owners who do not care or know about what email system they use, with where the individual messages may be filed, and with security filters that update without notice, loss of email messages is common.

Bounced email does not get dropped into the "Bulk" / "Spam" folder.

Note that "bounced" email may not be treated as spam. Some "bounced" email never gets as far as a spam filter - it may simply be rejected. You will look, in vain, in the "Bulk", "Inbox", and "Spam" folders.

This will interfere with account recovery - if you can't find the password reset email, how do you recover control of the account?

The simple question

Is your Blogger account based on a GMail - or non GMail - email address?

just is not accurate, when diagnosing all Blogger problems.

Adding An Office Document To Your Blog

Just as many blog owners enjoy the option to include photos and videos to their blogs, some would like to add office type multimedia.

Queries about adding PDF documents, spreadsheets, and Word documents, to our blogs, are frequently seen, in Blogger Help Forum: Learn More About Blogger.

One of the issues that need to be considered is that many professional documents are created using proprietary office software. PDF files, for instance, are created using Adobe Acrobat. Excel spreadsheets and Word documents are created using Microsoft Office. Another issue may involve confidentiality. Office documents may contain confidential data, that's not intended for the world to view.

Google has a solution for handling all of these proprietary file formats, and for the confidentiality issue.

Google provides Google Docs / Drive, which can be used to develop, publish, and share proprietary professional multimedia files - and maintain confidentiality.

Start by uploading any "professional" format file.

If you have a professional file, accessible from your computer, just open Google Docs / Drive, and upload the file. The "File upload" wizard has the standard wizard to "Select a file from your computer".

Or, you can make a new file, using Drive.

Alternately, you can develop a new document, using "NEW", and selecting the appropriate document type.

• Document (.doc, MSWord)
• Spreadsheet (.xls, MSExcel)
• Presentation (.pdf, Adobe Acrobat)
• Form
• Drawing

All useful document types.

With a file hosted by Drive, Publish and get code - or a link.

Having created or uploaded your file, follow instructions to embed or share your document, using Google+, EMail, FaceBook, and Twitter.

The "Link" link will provide a link which you can copy then paste into a blog post, an HTML gadget, or a LinkList entry, editing as desired.

The "Embed" link gives you an IFrame code. If you're editing a post, and you add your Embed code to your post, you'll get the best results from Editing in HTML mode. Similarly, if you add your Embed code to an HTML gadget, make sure that you are editing in HTML mode (with "Rich Text" displayed).

You can embed a file, in an IFrame.

Using an IFrame, you can embed a document in any HTML gadget, page or post - or even publish to a separate page, in the blog.

<iframe frameborder="0" height="680" src="https://docs.google.com/document/preview?authuser=0&hgd=1&id=1Z-4gSKJWzvb5onD5gslN69q9_sC6BH-f-4WwkXEYfaw" scrolling=no title="Test Document" width="100%"></iframe>

Google Calendar is a useful complement to all of these. You can embed your calendar - or anybody else's - using instructions from Google.

Use Drive for developing collaborated documents.

Be sure to set appropriate editing and viewing permissions for your readers, in the "Share with others" wizard. "Share with others" lets you create collaborative documents - giving other workers the ability to comment on and / or edit your documents, as you designate.

You can use Google Drive to develop important documents, in a group environment - and avoid the stress caused by AutoSave and Draft blog post editing. Maybe Blogger is not a Content Management System - but Google Drive can be.

Comments Posted Use "noreply" Email Addresses

Recently, we've noted a number of complaints about Blogger commenting, in Blogger Help Forum: Something Is Broken

.My comments all use a "noreply" email address, instead of my actual email address. How do I have people email their replies to my comments?

This appears to be one more way which Blogger is trying to safeguard our Blogger accounts and blogs, from malicious, technically astute blog thieves.

Some time ago, we observed that this precaution appeared to be unique to Blogger accounts which used Google and Google+ profiles - and did not involve Blogger profiles.

It appears that this is now universal, and includes Blogger profiles, as well as Google / Google+ profiles. It's likely that the noreply email addresses are being offered to keep more blog readers from, inadvertently, exposing their email addresses to email mining techniques.

In remembering the long ago discovered "nice blog" spam, it's possible that "nice blog" spam was originally developed to help the spammers gather email addresses, using very innovative technique.

All that a spammer has to do is to post a "nice blog" comment, select "Email follow-up comments to me" - then watch as the Inbox fills up with follow up comments from bloggers, willingly giving up their email addresses to every stranger also selecting "Email follow-up comments to me", in that comment thread.

The people willingly providing their email addresses, to the world in general, are perfect targets for hackers later trying to brute force access to the Blogger accounts, starting from the provided email addresses. Use of the "no-reply" email address prevents this type of mischief - and reduces the workload of Google Security, as they would otherwise have to verify account / blog integrity, for hacked accounts and blogs.

For even more protection (which is not a bad idea, in any case), consider using Google 2-Step Verification, to protect your Blogger / Google account from hacking.

>> Top

The Blogger "Contact" Form - What You See Is What You Get

Blog owners add the Blogger supplied Contact Form, then wonder about the details, and what options are available.

The Blogger supplied "Contact Form" gadget provides a very basic form, with few options. There's not a lot to do or see.

With the Blogger "Contact Form" gadget, what you see is what you get.

You add the form to the blog, and you change the Title of the form.

Use is simple. You fill out the form, and Send. The content, once sent, can't be edited.

The reply address is whatever you entered, in the "Email" box.

If you are the owner of the blog, the message goes to you. If the blog has multiple administrators, Send a test message, and have everybody check their Inboxes. Find out who should expect to see Contact messages, and what email addresses are targeted.

If you test the form on your blog, when using a Blogger account based on a non GMail email address, you may not receive the test entry in your Inbox.

If you, as the blog owner, want a form with more options, or the ability to manage form recipients, you use a third party form. You can use Google Docs, and create a simple "Contact Me" form, in 15 minutes. A Google Docs created form can have multiple, designated recipients, and can be edited by the sender. The Docs based form entry goes into an online database, which can be accessible by designated recipients.

You can embed a Google Docs based form in a page or post - and you can create your page or post as a separate tab, in the blog - as I added my Blogger "Contact Me" form or alternately, my Expanded Followers gadget, to this blog.

What you see below is my demonstration Google Docs form, embedded using an IFrame. The IFrame code is provided with the form, which required a brief 10 minutes to create. When you create your form, hit "Send form", then "Embed", to get the code for your form. You can see my improved Contact form, in my page, "Contact Me, Improved".

<iframe src="https://docs.google.com/forms/d/1JvoY2yf5aTChnvXlCgGsUerSCtI7RHpRdkq5SPBPm90/viewform?embedded=true" width="700" height="800" frameborder="0" marginheight="0" marginwidth="0">Loading...</iframe>

There are various third party, non Google "Contact" form suppliers - some free, others not - some reliable and safe, others not. Be careful, if you decide to use a non Google, third party, product.

>> Top

The CAPTCHA, For Anonymous Comments, Isn't Going Away

Several weeks ago, Blogger added a security feature to Blogger commenting, to reduce comment spam.

Note: Even if you don't have word verification turned on, anonymous commenters might be asked to enter some text. This helps protect your blog from abuse.

This change has not pleased everybody.

I disabled "prove you're not a robot" for commenting. Why do my readers still have to solve a CAPTCHA, each time they comment?

This blog owner is not looking at the bigger picture. This new feature will benefit many blog owners - when Blogger is used, properly.

By adding a CAPTCHA, to the option to allow anonymous comments, we get several benefits.

• People can allow anonymous comments, without allowing uncontrolled spammer activity.
• People can allow authenticated comments, and not require a CAPTCHA.
• The overall level of spam, currently being seen on some blogs which allow anonymous comments and require no CAPTCHA, will drop. This will allow Blogger Security engineers the chance to concentrate, more intently, on the remaining spam.

Instead of restricting the ability for people to comment on our blogs, this change actually increases the ability for people to comment - and decreases the spam.

People who are logged in to Blogger - and who are visible as logged in - won't even see the new CAPTCHA, even if they want to comment anonymously. Only people who are not logged in (or who are not seen as logged in), and who wish to comment without logging in, will be inconvenienced.

The biggest problem, with the new CAPTCHA form, is with people who are seeing the CAPTCHA even when logged in - because they are filtering "third party" cookies. Those people will have the choice of logging in again, or solving the CAPTCHA.

Anybody who is not logged in can avoid having to solve the CAPTCHA, even if one is presented, by logging in to Blogger. Since the standard Google "One account" login is used, people who do not have a Blogger account can setup one, on the fly, in a couple of minutes. This option is not obvious, from the commenting form - especially with the CAPTCHA displayed - but it is present.

Since the commenting form comes in 4 versions, depending upon template type and comment form placement, Blogger Engineering will need to make a coordinated effort, to improve the overall design of the comment form.

The various buttons and links, which allow the comments to be published using the many options, will have to be displayed better - to make it apparent to everybody that logging in to Blogger can avoid use of the CAPTCHA - even if the reader wishes to not identify, by commenting anonymously. And, other improvements are needed, also.

And once again, I will point out that a better user experience will be had by all who can properly maintain their computers, and not block "third party" cookies. Anybody, who is able to login to Blogger, should be able to comment anonymously, without inconvenience of the CAPTCHA.

Some solutions in Blogger require our action - not just action by Blogger Engineering.

>> Top

The "Reply" Option, For Embedded Comments

The option provided some time ago, to the embedded comment form, to allow "threaded" comments, is becoming quite popular.

Unfortunately, the "Reply" link does not always work. Blog owners and readers alike complain.

I click on "Reply", and nothing happens!

This problem appears to have accelerated recently, possibly resulting from the hasty rollout of the new anonymous comments CAPTCHA - but there are other less obvious possibilities, too.

The threaded comments "Reply" feature, a seemingly minor addition to the Blogger code base, can have problems with a number of issues.

• A Full Blog Feed.
• An up to date post template,
• The Google "One account" login, and cookie filtering.
• The recent addition of the anonymous commenting CAPTCHA.
• The threaded comments script, and recent script filter updates.

A Full blog feed is required.

Many blog owners are not aware that the "Reply" option won't be available, without a Full Blog Feed. Go to the dashboard, and look at "Allow Blog Feed", under Settings - Other - Site feed.

For threaded comments, you will need a Full Blog Feed (for both comments and posts) - and this will exclude private blogs.

Any "Allow Blog Feed" selection, other than "Full", will be a problem.



An up to date post template is a good idea.

Threaded comments, like every other post and comment feature, works best on an up to date post template. Any time threaded comments stops working, and you have not changed the blog feed, try resetting the post template. Now, here's hoping that you have not made extensive post template tweaks.

The identity of the person who wants to reply is useful.

Threaded Blogger hosted comments code, like threaded Google+ hosted comments, other commenting scripts, and many other Blogger features, needs access to the login cookie, to identify the person preparing to comment. Because of the use of the Google "One account" login, "third party" cookie filters must be examined.

Anything that interferes with the CAPTCHA will be a problem.

The recent addition of the anonymous comment CAPTCHA, appears to have caused some problems. This may be an matter for Blogger Engineering to correct.

Anything that interferes with scripts will be a big problem.

All Blogger scripts, including the script which services the "Reply" link, are subject to script filtering. Script filters are subject to update, on every different client computer - generally without notice to the computer owner. Always check script filters.

Blog owners and readers, alike, need to be aware of the issues, to use Blogger effectively. Threaded comments are no exception to this requirement.