DOCSLIB.ORG

A Deeper Look at Web Content Availability and Consistency Over HTTP/S

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Deeper Look at Web Content Availability and Consistency Over HTTP/S A Deeper Look at Web Content Availability and Consistency over HTTP/S Muhammad Talha Paracha*, Balakrishnan Chandrasekaran†, David Choffnes*, Dave Levin‡ *Northeastern University, †Max-Planck-Institut fur¨ Informatik, ‡University of Maryland, College Park Abstract—Recent studies of HTTPS adoption have found rapid progress towards an HTTPS-by-default web. However, these studies make two (sometimes tacit) assumptions: (1) That server- side HTTPS support can be inferred by the landing page (“/”) alone, and (2) That a resource hosted over HTTP and HTTPS has the same content over both. In this paper, we empirically show that neither of these assumptions hold universally. We crawl beyond the landing page to better understand HTTPS content unavailability and inconsistency issues that remain in today’s popular HTTPS-supporting websites. Our analysis shows that 1.5% of the HTTPS-supporting websites from the Alexa top 110k have at least one page available via HTTP but not HTTPS. Surprisingly, we also find 3.7% of websites with at least one URL where a server returns substantially different content over HTTP Fig. 1: Examples of webpages with different content using compared to HTTPS. We propose new heuristics for finding HTTP vs HTTPS. these unavailability and inconsistency issues, explore several root causes, and identify mitigation strategies. Taken together, our secure variant—as many papers and tools have suggested— findings highlight that a low, but significant fraction of HTTPS- risks unexpected side-effects in usability. supporting websites would not function properly if browsers use In this work, we empirically show that this conventional HTTPS-by-default, and motivate the need for more work on wisdom does not universally hold. We identify inconsistencies automating and auditing the process of migrating to HTTPS. between HTTP and HTTPS requests to the same URI, in Index Terms—HTTPS, Internet Measurements, HTTP/S Con- sistency terms of content unavailability over one protocol and content differences between them. Rather than restrict our study to I. INTRODUCTION landing pages, we conduct a deep crawl (up to 250 pages) of each of the Alexa top 100k sites, and for a 10k sample The importance and ease of deploying HTTPS websites of the remaining 900k sites on the Alexa top 1M list [7]. has increased dramatically over recent years. Recent studies We then analyze the retrieved pages to identify substantial of HTTPS adoption have found rapidly increasing adoption, content inconsistencies between HTTP and HTTPS versions leading some to speculate that most major websites will soon of the same page, using a novel combination of state-of-the-art be able to redirect all HTTP requests to HTTPS [1]. Indeed, heuristics. some client-side tools even go so far as to force all web We find that a small but significant fraction of sites have requests to be made via HTTPS [2]. content unavailability (1.5%) and differences (3.7%) for at However, to our knowledge, all previous work measuring least one page on the website. Fig. 1 provides two examples the deployment of HTTPS [1], [3]–[6] makes two basic but of how pages can differ significantly over HTTP/S. These fundamental assumptions: (1) They assess server-side HTTPS issues affect pages across all levels of popularity, with content support by looking at a single page: the domain’s landing page differences being slightly more likely on popular pages than (also known as its root document, “/”), and (2) They assume unpopular ones. While the number of pages per site with that any resource that is available over both HTTP and HTTPS inconsistencies is low on average, we find that such issues has the same content (in the absence of an attack, of course)— affect more than 50 pages for 15% of sites analyzed. We char- that is, that the only difference between http://URI and acterize common patterns for such inconsistencies, identifying https://URI is that the latter is served over TLS. that pages on websites are unavailable due to partial support Unfortunately, neither of these assumptions has been em- of HTTPS (some directories are never served over HTTPS), pirically evaluated. This is important because, if they do not different versions of webpage content available only over one hold, they threaten our understanding of how HTTPS is truly protocol, and misconfigurations related to redirections and deployed. For example, the fact that a landing page is (or is hard-coded port numbers. In addition, we find that content is not) secure might not necessarily indicate the security of the different between HTTP/S for reasons such as HTTPS-support site writ large. Moreover, if there are content differences be- “in name only” (default server page is returned over HTTPS), tween HTTP and HTTPS, then merely defaulting to the more redirections exclusive to one protocol, or misconfigured HTTP 978-3-903176-27-0 © 2020 IFIP status codes. Last, we return to the HTTPS adoption metrics used in prior research and evaluate their efficacy in light of Kumar et al. [13] explored how third-party dependencies our findings. can hinder HTTPS adoption. In their study, 28% of HTTP- The main contributions of this paper are a large-scale mea- only sites were blocked from migrating to HTTPS due to surement to reassess the consistency of HTTPS support beyond their reliance on at least one HTTP-only third-party Javascript the landing page, new heuristics for automatically identifying and/or CSS resource. But their analysis also assumed that significant content differences between HTTP/S, a character- resources available over both HTTP/S serve the same content, ization of observed HTTP/S inconsistencies, and analysis of as they suggested the other 72% sites to migrate to HTTPS mitigation opportunities. In addition to these main contribu- by merely updating the protocol in the resource URLs. tions, for the purposes of repeatability we have made our efficient web crawler code, dataset, and analysis code publicly HTTPS Misconfigurations Fahl et al. [14] surveyed 755 available at https://github.com/NEU-SNS/content-differences. webmasters of the sites with invalid HTTPS certificates, in an effort to determine whether the behavior was intentional II. RELATED WORK or accidental. Two-thirds of the respondents admitted to de- liberately using an invalid certificate, for reasons that include Relevant HTTPS attacks and mitigations There are using a custom PKI or administering test pages not intended severe security and privacy risks to users caused by a com- for real-world users. In this work, we find inconsistent content bination of HTTP-by-default behavior in web browsers, and and availability for HTTP/S-supporting websites and manually limited deployment of HTTPS support (e.g., [8]–[10]). Prior investigate a sample of cases to understand their root causes. work argues for HTTPS to be supported on every page of a website to mitigate these threats. In this paper, we investigate III. METHODOLOGY whether sites conform to this approach (and discover signifi- This section describes our measurement methods for crawl- cant discrepancies). ing websites and identifying inconsistencies. To force a web browser to use HTTPS to access a site, web servers may use HTTP Strict Transport Security [11] A. HTTP/S Inconsistencies (HSTS) and users can install extensions like HTTPS Ev- We focus our study on websites that support both HTTP and erywhere in their web browser [2]. While potentially help- HTTPS on the landing page. For this set of sites, we measure ful, these approaches rely on manually maintained lists1 of whether there are different results when accessing the same (non)conforming websites that cannot scale to the entire web. resource over HTTP and HTTPS. We categorize such cases of In light of such limitations, Sivakorn et al. [12] argue that inconsistencies between protocols as follows: an HTTPS-by-default approach might be the only solution. In Content unavailability This occurs when a resource is this work, we identify that there remain a small but substantial successfully retrieved via HTTP, but not HTTPS (i.e., HTTP fraction of sites with HTTPS deployment gaps (including those status code >= 400,2 or an error3). using HSTS) that must be addressed before the web is ready Content difference This occurs when a resource is available for it. over both HTTP and HTTPS, but the content retrieved differs HTTPS adoption There is a significant body of work on significantly (as defined in §III-C). measuring HTTPS adoption using both passive data sets and active scans (e.g., [1], [3]–[6]). Durumeric et al. [3] measured B. Crawling Overview HTTPS adoption using one year of repeated scans of the entire We limit our analysis to differences in HTML content served IPv4 address space. In contrast, Felt et al. [1] conducted active by a website, which we refer to as pages, and do not consider scans and combined them with passive browser telemetry embedded resources (e.g., CSS and Javascript files). When data—obtained from the Google Chrome and Mozilla Firefox crawling a website, we conduct a depth-first search of all browsers—to provide server- as well as client-based perspec- links to other webpages with the same second-level (TLD+1) tives on HTTPS adoption. Overall, the results from these prior domain—which we call internal links)—starting at the landing studies indicate a steady trend towards HTTPS-everywhere. page for the site. However, they either implicitly or explicitly assume that if The websites we crawled are a subset of the Alexa global the landing page is hosted via HTTPS then the same is true top 1 M domains. We chose this list because it represents sites for all of that website’s resources; and that when both HTTP visited by users via web browsers [15]. Our analysis covers and HTTPS versions of a page are available, then the content all of the top 100K most popular domains.
Load more

Recommended publications
  • Netscape Guide by Yahoo!
    Netscape Guide By Yahoo! Now Available New Customizable Internet Information and Navigation Service Launched by Netscape and Yahoo! SANTA CLARA, CA and MOUNTAIN VIEW, CA -- April 29, 1997 -- Yahoo! Inc. (NASDAQ: YHOO) and Netscape Communications Corporation (NASDAQ: NSCP) today launched Netscape Guide by Yahoo!, a new personalized Internet navigation service designed to provide Internet users with a central source of sites, news and events on the Web. The Guide features customizable sections for several popular information categories, including Business, Finance, Entertainment, Sports, Computers & Internet, Shopping and Travel. Yahoo! plans to expand the service with additional categories in the future, including local information. Netscape Guide by Yahoo! replaces the Destinations section of the Netscape Internet Site and is immediately accessible through Netscape's Internet site (http://home.netscape.com), from the "Guide" button on the Netscape Communicator toolbar and from the "Destinations" button on Netscape Navigator 3.0. Users accessing Destinations will be automatically directed to Netscape Guide by Yahoo!. "Netscape Guide by Yahoo! gives Internet users quick and easy access to the most popular information areas on the Web, all from one central location," said Jeff Mallett, Yahoo!'s senior vice president of business operations. "It also provides Web content providers and advertisers a unique opportunity to reach targeted and growing audiences." "Accessible to the more than four million daily visitors to the Netscape Internet site and the over 50 million users of Netscape client software, Netscape Guide by Yahoo! will direct users to the online sites, news and information they need," said Jennifer Bailey, vice president of electronic marketing at Netscape.
    [Show full text]
  • Oracle Eloqua Landing Pages User Guide
    Oracle Eloqua Landing Pages User Guide ©2018 Oracle Corporation. All rights reserved 07-Nov-2018 Contents 1 Landing pages overview 4 2 Landing page examples 7 3 Creating landing pages using the Design Editor 17 3.1 Working with landing page content blocks and layouts 20 3.1.1 Copying content blocks or layouts 24 3.2 Landing page styling 27 3.2.1 Background 29 3.2.2 Text Defaults 29 3.2.3 Hyperlink Defaults 29 3.2.4 Advanced Styles 29 3.3 Adding an image carousel 30 3.4 Adding a form 32 3.5 Changing the visibility of landing pages 33 3.6 Previewing landing pages 35 3.7 Creating folders for landing pages 38 3.8 Saving landing pages as templates 40 3.9 Editing landing pages 43 3.10 Making copies of landing pages 44 3.11 Deleting landing pages 47 4 Creating landing pages using the Source Editor 49 4.1 Code requirements for uploading HTML landing pages 53 4.2 Editing HTML landing pages using the Source Editor 55 4.3 Creating new landing pages and templates using the HTML upload wizard 57 5 Creating landing pages using the Classic Design Editor 63 5.1 Adding text boxes to landing pages 68 ©2018 Oracle Corporation. All rights reserved 2 of 102 5.2 Customizing landing page text boxes and images 70 5.3 Locking and unlocking objects in landing pages 83 5.4 Copying landing page objects 87 5.5 Grouping objects in landing pages 89 5.6 Using landing page recovery checkpoints 91 6 Landing page template manager 95 6.1 Granting template manager permission 95 6.2 Creating new landing page templates from the template manager 96 6.3 Editing landing page templates 98 6.4 Adding protections in landing page templates 99 6.4.1 Protected HTML landing page reference 102 ©2018 Oracle Corporation.
    [Show full text]
  • What Are Facebook Messenger Ads?
    1 TABLE OF CONTENTS INTRODUCTION CHAPTER 1: What is Facebook Messenger? CHAPTER 2: What are Facebook Messenger Ads? CHAPTER 3: What are the Features That Facebook Messenger Ads Offer CHAPTER 4: Three Ways to Get Facebook Messenger Ads to Bolster Revenue Growth CHAPTER 5: What is Chatbot Marketing? CONCLUSION 2 The Guide to Facebook Messenger Ads INTRODUCTION We all agree that instant messaging is simpler, more real-time and prompt. It is these attributes that lie at the bottom of the phenomenal success of apps like WhatsApp, Snap Chat, Instagram Messaging – all of which are now being increasingly used by businesses to promote their products and services. Facebook Messenger ads for eCommerce is one such channel which is being used by online businesses to interact with their prospective and current customers. With this eBook, you’ll learn how Facebook Messenger Ads are able to power your sales strategy, how you can get started with Facebook Messenger Ads and see great examples of popular brands using Facebook Messenger Ads. We will talk about Chatbot Marketing too. 3 CHAPTER 1: WHAT IS FACEBOOK MESSENGER? The Facebook Messenger is an instant messaging service by Facebook. Launched in 2011, this app can be used alongside your Facebook account on your computers, tabs or phones. While on the computer, you will see the Messenger integrated with your Facebook page. The same functionality is used through a separate app on your hand-held devices, which brings me to the next interesting fact; and that is, you don’t need a Facebook account to use its Messenger app.
    [Show full text]
  • Partner in Business
    PENTELEDATA’S CUSTOMER NEWSLETTER CONTENTS PARTNER IN BUSINESS OUR PARTNER IN BUSINESS - FIRST First Commonwealth Federal COMMONWEALTH FEDERAL CREDIT UNION Credit Union PenTeleData is proud of our partner- ship with First Commonwealth. First Commonwealth is the largest credit union in the Lehigh Valley, with over $550 million in LETTER FROM OUR GM assets, nearly 50,000 members and six branches. They offer the same financial services UPCOMING EVENTS found at a traditional bank, but with better FLASHBACK JUST 25 YEARS AGO...IT’S rates and lower fees. That's because they’re ALL BECAUSE OF OUR FIBER! structured differently. They are member- TECH TIP: owned and not-for-profit. Instead of earning What to do if your Cable Modem money for stockholders, they return profits to or DSL Stops Working? their member-owners (account holders) in the form of higher dividends on savings, lower DO YOU HEAR THE SONIC BOOM? rates on loans and lower fees. First Common- DOCSIS 3.0 packages for Business wealth was originally chartered in 1959 to begin this summer. An upgrade to their data processing sys- CUSTOMER CONTEST serve the employees of Western Electric in Al- tem will allow them to better serve their customers, with fully lentown. Today, they serve nearly 700 employer integrated accounts and streamlined processes. The more APRIL 2013 CUSTOMER CONTEST groups – ranging from large corporations to advanced technology will help to serve their members WINNER very small businesses. Their full-service menu quickly and efficiently with options such as mobile banking, includes everything from checking accounts OUR NEW RESIDENTIAL WEBSITE redesigned statements, account alerts via text messaging, and debit cards to mortgages, online banking FEATURES SOME VERY FRIENDLY FACES! and a customized landing page for account log-in.
    [Show full text]
  • Internal Linking
    INTERNAL LINKING IS “LINK JUICE” STILL IMPORTANT? IS “LINK JUICE” STILL IMPORTANT? • Internal linking has always been seen as one of the key steps to success in search engine optimization. To paraphrase Ray Liotta in Field of Dreams: if you build your links, you will rank. • As such, it is understandable that linking strategy is often an important focus for many search engine optimizers. If you search online, you will probably find hundreds of guides touting the best internal and external strategy for success. They all follow more or less the same idea, but we’ll get to that in a bit. IS “LINK JUICE” STILL IMPORTANT? • A recent tweet made by Google Webmaster Trends Analyst John Mueller has had many webmasters questioning what they know about link building and how effective touted strategies really are for making pages rank. • On 29 July, a Twitter user asked Mueller a question regarding passing link juice from a site’s homepage to other pages and how the placement of links affected this. IS “LINK JUICE” STILL IMPORTANT? SO, WHAT DOES THIS MEAN FOR INTERNAL LINKING AND LINK BUILDING? • Well, let’s dissect by first having a look at the traditional approach to SEO internal linking and then analyze this in relation to Mueller’s statement. HOW TO BUILD INTERNAL LINKS (THE TRADITIONAL WAY) • For the longest time, there has always been one rather traditional approach to internal linking in SEO. You look on any self-proclaimed “best guide” touting the “best practice” and you’re going to see a tree chart, which basically maps the site’s structure or the content silo.
    [Show full text]
  • What Is Link Building and How It Is Useful?
    What is Link Building and How it is Useful? digitalmarketingtrends.in/what-is-link-building-and-how-it-is-useful/ Devoo Banna March 23, 2019 What is Link Building and How it is Useful? (90%) Votes Whether you are new or old brand, the main thing you need to know about the link building concept is how it is useful and what is its goal. Basically is helps in boosting your site’s visibility in online world. The way of SEO and link building services is always updated or followed accordingly with the latest trends and techniques in the market according to the Google algorithm. Link building is important, if you want to compete and thrive in the online world. SEO has becoming the vital part of digital marketing. It would be better explained, if it is given the title of need for the hour. Marketing involves different strategies which have been applied for a long duration. Rankraft, the best digital marketing agency of India acts as a supporter to your business which eventually helps your business grow each day. With the help of digital service, the world is now getting an idea of the different strategies in online marketing. SEO is a major tool to promote and initiate online branding, generating organic traffic, online publicity and many things. Thus, it is the time when the search engine optimization expertise is going to get the most of the importance. Rankraft is one of the best online marketing agency where they shape your business as per the latest digital trends to help you for your site’s link building which ensures your business growth.
    [Show full text]
  • Netscape 6.2.3 Software for Solaris Operating Environment
    What’s New in Netscape 6.2 Netscape 6.2 builds on the successful release of Netscape 6.1 and allows you to do more online with power, efficiency and safety. New is this release are: Support for the latest operating systems ¨ BETTER INTEGRATION WITH WINDOWS XP q Netscape 6.2 is now only one click away within the Windows XP Start menu if you choose Netscape as your default browser and mail applications. Also, you can view the number of incoming email messages you have from your Windows XP login screen. ¨ FULL SUPPORT FOR MACINTOSH OS X Other enhancements Netscape 6.2 offers a more seamless experience between Netscape Mail and other applications on the Windows platform. For example, you can now easily send documents from within Microsoft Word, Excel or Power Point without leaving that application. Simply choose File, “Send To” to invoke the Netscape Mail client to send the document. What follows is a more comprehensive list of the enhancements delivered in Netscape 6.1 CONFIDENTIAL UNTIL AUGUST 8, 2001 Netscape 6.1 Highlights PR Contact: Catherine Corre – (650) 937-4046 CONFIDENTIAL UNTIL AUGUST 8, 2001 Netscape Communications Corporation ("Netscape") and its licensors retain all ownership rights to this document (the "Document"). Use of the Document is governed by applicable copyright law. Netscape may revise this Document from time to time without notice. THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN NO EVENT SHALL NETSCAPE BE LIABLE FOR INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY KIND ARISING FROM ANY ERROR IN THIS DOCUMENT, INCLUDING WITHOUT LIMITATION ANY LOSS OR INTERRUPTION OF BUSINESS, PROFITS, USE OR DATA.
    [Show full text]
  • The Ultimate Guide to Web Hosting for Beginners. Don't Be
    Welcome to the Ultimate Guide to Web Hosting for Beginners. Don’t be fooled by the name – this is a top-notch exhaustive resource, for new website owners and veterans alike, created by hosting experts with years of experience. Our mission: to help you save money and avoid hosting scams. Your part: please be kind and share this guide with someone. We made it to help you choose the right hosting, make the most of it and save big bucks on the long run. Here’s what this guide covers: VPS, Cloud and Dedicated hosting: types, pricing and technologies How to choose the right OS SEO and web hosting Installing WordPress in 5 easy steps The common dirty tricks of web hosting companies (and how to avoid them) The Most important features in shared web hosting To make the most of the information we’ve gathered here for you, we recommend taking these articles one at a time. Be sure to keep a notepad and a pen with you, because there will be some stuff you may want to write down. And now, 1. We hope you enjoy reading this guide as much as we had enjoyed writing it 2. Keep safe out there, and open your eyes to avoid scams and dirty tricks 3. Feel free to ask us anything. We’re at http://facebook.com/HostTracer 4. Please consider sharing your hosting experience with us on our community, at http://hosttracer.com Good luck! Idan Cohen, Eliran Ouzan, Max Ostryzhko and Amos Weiskopf Table of Contents Chapter 1: Introduction, and a Hosting Glossary .................................................
    [Show full text]
  • How to Promote Your How to Promote Your Business Blog Using Business
    How to Promote Your Business Blog Using HubSpot Prashant Kaw Ellie Mirman Inbound Marketing Manager Inbound Marketing Manager Twitter: @prashantkaw Twitter: @ellieeille Promoting Your Business Blog Build thought leadership Optimize content for search Share your remarkable content Interact with your community Create business opportunities Q&A Who is HubSpot? • Founded: 2006 1,800+ Customers • Team: 120 (20 MIT) • A: $5m General Catalyst • B: $12m Matrix Partners • C: $16m Scale Ventures • Outside Director: GilGail GdGoodman, CEO Constant Contact (CTCT) Outbound Marketing Outbound Marketing is Broken 800-555-1234 Annoying Salesperson Marketing Has Changed 1950 - 2000 2000 - 2050 The Good News Build Thought LdLeaders hip Content > Coverage > Traffic/Leads What to Publish • Blog • Podcast • Videos • Phooostos • Presentations • eBooks • News Releases Create Content for SEO Organic Search is Better Pay Per Click – 25% of Clicks Organic Results 75% of Clicks Source: Marketing Sherpa and Enquiro Research Build a Long Lasting Asset Flickr photo: Thomas Hawk Pick Your Keyword Battles Optimize Every Blog Post Share Your CttContent Social Media = Cocktail Party Flickr: TECHcocktail Publish Content to Social Media Publish Content to Social Media Encourage Sharing of Content Interact with CitCommunity Host Conversations Answer Questions Comment On Blogs Move Beyond Your Blog Monitor & Engage in Conversations Create Business OtitiOpportunities Convert Conversations Targeted calls to action at every step Convert Conversations Capture leads with ldilanding
    [Show full text]
  • Chapter 1 Web Basics and Overview
    Chapter 1 Web Basics and Overview The Web is an Internet-based distributed information system. Anyone with a computer connected to the Internet can easily retrieve information by giving a Web address or by simply clicking a mouse button. The Web is a great way to disseminate information and making it available 24/7. Information can also be collected from Web users and customers through online forms. Maintainers and administrators can control and update Web content from anywhere on the Web. All these make the Web a powerful tool for mass communication, e-business and e-commerce. Compared with TV, radio, news papers, and magazines, putting the word out on the Web is relatively simple and inexpensive. But a website is much more than such one-way communication media. It can be a virtual o±ce or store that is always open and supported by workers from anywhere. Web service companies o®er free Web space and tools to generate simple personal or even business Web pages. But, well-designed and professionally implemented websites are much more involved. Even then, expertly produced websites are still much more cost-e®ective than other means of mass communication. For business and commerce, the cost of a website is negligible when compared to building and operating a brick-and-mortar o±ce or store. Once in-place, a website is a store that never closes and that is very attractive. People take great pains in building an o±ce or store to project the right image and to serve the needs 7 8 CHAPTER 1.
    [Show full text]
  • Identity Governance 3.6 User and Administration Guide
    Identity Governance 3.6 User and Administration Guide April 2020 Legal Notice The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice. For additional information, such as certification-related notices and trademarks, see http://www.microfocus.com/about/ legal/. © Copyright 2020 Micro Focus or one of its affiliates. 2 Contents About this Book and the Library 11 1 Introduction 13 1.1 Understanding Installation and Configuration . .14 1.2 Understanding Key Administration and User Tasks . .14 1.3 Understanding Reporting . .14 1.4 Understanding Licenses . .15 1.5 Understanding REST Services for Identity Governance . .15 2 Adding Identity Governance Users and Assigning Authorizations 17 2.1 Understanding Authorizations in Identity Governance . .17 2.1.1 Global Authorizations. .17 2.1.2 Runtime Authorizations . .20 2.2 Adding Identity Governance Users. .22 2.3 Assigning Authorizations to Identity Governance Users . .23 2.4 Using Coverage Maps . .24 2.4.1 Creating Coverage Map . .25 2.4.2 Loading the Coverage Map . .29 3 Customizing Identity Governance for Your Enterprise 31 3.1 Customizing the Email Notification Templates . .31 3.1.1 Modifying Email Templates . .32 3.1.2 Adding an Image to the Email Template. .37 3.2 Customizing the Collector Templates for Data Sources . 38 3.3 Customizing Categories.
    [Show full text]
  • How Content Volume on Landing Pages Influences Consumer Behavior
    June 23 - 28 2018, La Verne, California, USA HOW CONTENT VOLUME ON LANDING PAGES INFLUENCES CONSUMER BEHAVIOR: EMPIRICAL EVIDENCE Ruti Gafni* The Academic College of Tel Aviv Yaffo, [email protected] Tel Aviv, Israel Nim Dvir University at Albany, State University of New York, [email protected] Albany, NY, USA * Corresponding author ABSTRACT Aim/Purpose This paper describes an empirical investigation on how consumer behavior is influenced by the volume of content on a commercial landing page -- a stand- alone web page designed to collect user data (in this case the user’s e-mail ad- dress), a behavior called “conversion.” Background Content is a term commonly used to describe the information made available by a website or other electronic medium. A pertinent debate among scholars and practitioners relate to information volume and consumer behavior: do more details elicit engagement and compliance, operationalized through conver- sions, or the other way around? Methodology A pilot study (n= 535) was conducted in real-world commercial setting, fol- lowed by a series of large-scale online experiments (n= 27,083). Both studies employed a between-group design: Two variations of landing pages, long and short, were created based on various behavioral theories. User traffic to the pages was generated using online advertising and randomized between the pag- es (A/B testing). Contribution This research contributes to the body of knowledge on the antecedents and outcomes of online commercial interaction, focusing on content as a determi- nant of consumer decision-making and behavior. Accepting Editor: Eli Cohen │ Received: December 2, 2017 │ Revised: February 28, 2018 │ Accepted: March 3, 2018.
    [Show full text]