[amp-list] amp-list to support AMP-Redirect-To as amp-form

[leonahliang90]

hey, I would like to know is there any chance that I can use amp-list to do the redirect navigation as amp-form ? Because currently we are facing an issue while dealing with Web Crawler, when our backend detects and suspects the request is a malicious spider, it returns with HTTP Code 302 and a text/html Content-Type of file. But we will not be able to proceed the request with amp-list as we cannot navigate to another page with amp-list,may I know is there any possibility we might use AMP-Redirect-To on amp-list or any workaround can suggest to us on this scenario please?

[aghassemi]

Unlikely we can support this without opening an abuse vector. Unlike form submit which is tied to a user click, amp-list loads the data without user-interaction and allowing the JSON response to redirect the page would essentially enable navigation without user-interaction in AMP.

When amp-list fails to load data, <div fallback> is shown, would that be a possible solution for your use-case? For example showing some sort of error message button/link that would take the used to the page you like them to go to?

[leonahliang90]

@aghassemi hey thank you for the prompt reply, yes, I agreed with you that user should be notified. we are currently using this approach but seems like it is taking ONE more extra step for the user to do the verification and there will be some risk that not all the user will click on the "CONFIRM NOW" button and just leave the site.

just FYI, We tried to embed an amp-iframe but seems like it is not working at our side as expected because the src has to be different origin. And also the fallback can only be used for ONE purpose when HTTP request didn't return expected result , we are currently using the fallback to display No Item Found message and we manage to fix this by creating another amp-list based on the DIFFERENT structure of JSON returned from the same source in displaying the Robot Verification Message.

I am thinking how about by adding extra allow-redirect param on amp-list, by enabling this it will allow the amp-list to redirect based on the type of Content-Type returned ?

[aghassemi]

@leonalicious Thanks for clarifying the use case here (By the way, I love how articulate your communication is with all the GIFs, clear problem statement and solution proposal! 💯)

Let's think about a few solutions here. Although allowing amp-list to redirect the page solves the issue and your use of it is completely reasonable, it also opens a can of worms for abuse. It essentially allows an AMP page to do a navigation on load (e.g. take the user to an Ad page and redirect back creating interstitials). Due to AMP's need to be able to guarantee a base-line user-experience, we need to be mindful when enabling some feature due to the risk they introduce.

I think having the "swipe verification UI" in the list ( in place of the current "We are pretty sure you are not a robot" ) is a good UX. User is still within the context of the page and can quickly unblock themselves. Let's try to make this work:

amp-iframe requires a separate domain mostly so iframed pages don't endup relying on same-pageness feature which later get broken when served from amp-cache. There is no technical reason behind it other than that. You would be able to create a sub-domain alias to server it from?

I agree that fallback ay not be the right solution. You should be able to leverage amp-mustache to render differently based on the JSON so your robot response can have only one item which triggers a different template rendering than other items.

<template>
  {{#isRobotError}}
   <amp-iframe>
  {{/isRobotError}}
  {{#isRobotError}}
   <div item>
  {{/isRobotError}}
</template>

thoughts?

[leonahliang90]

We can't put the 'Swipe Verification UI' in the amp-list as we cannot write Cookie on AMP Page.

Understood and cant agree more with you. I think I got the answer I am seeking for already, let's keep it as what it is right now, thank you & cheers