New web-based ABX testing tool
Reply #2 – 2014-11-27 08:55:49
You put up the files on an appropriately configured hosting server (Note: Dropbox Public folders work) You send a link to your prospective participants, which will load your configuration and run your test. . Thanks for your efforts. Is there any mechanism in place where an uploaded file name which already has been used in the system is locked out from anyone attempting to upload another file with the exact same name at a later date? That would be desirable, because it may help prevent one form of fraud. In theory scammers can falsify current ABX test logs by using a file of the same name as one being used in a public forum and when we look at their ABX test logs it will deceive us that they have listened to the same two files as everyone else taking the test, however in truth one of the files they used was their secondary file which used the exact same name as the true, legit file, but was actually their completely different song masquerading as the legit file, making it easy to ID. Because this tool is 100% client side Javascript (what is loaded from the server is just HTML, CSS and Javascript files) there is no way for the server to store URLs that have already been used. However, the URL that you send people is a complete URL. For example, the URL for my 'sample' test in Dropbox (which is the exact same one included in the 'fun pack' is: abx.digitalfeed.net/dyot.html?test=https://dl.dropboxusercontent.com/u/8333531/abxtest/example_test.json The full URLs of all the files to be used for the test are contained in that JSON file. Below is an excerpt from the JSON file: { "artist": "Felix Mendelssohn", "album": "Symphony 3 in A Minor", "track": "Allegro vivacissimo", "thumbnail": "https://dl.dropboxusercontent.com/u/8333531/abxtest/coverart_1.png", "background": "https://dl.dropboxusercontent.com/u/8333531/abxtest/background_1.png", "A": "https://dl.dropboxusercontent.com/u/8333531/abxtest/mendelssohn.30.lossless", "B": "https://dl.dropboxusercontent.com/u/8333531/abxtest/mendelssohn.30.opus.64" }, There you can see the full URLs for the various images and FLAC files (kind of; those are kind of URL stubs. There are details about that in the README.txt). So long as you don't lose control of the place you're hosting the test no-one can make that URL point to another test. Strictly speaking, because the app is completely client-side a devious user could open the Javascript debugger, set some breakpoints, and modify the results directly in memory. The risk of that can be reduced somewhat by me obfuscating the code (which I've not done, because I wanted people who wanted to to be able to read it over). However, if someone is really clever and dedicated it will be impossible to stop them fabricating the results they provide to you. Unless you actually have somewhere to collect the results (when they are transmitted via a HTTP POST) you have to essentially rely on users to provide the results anyway. (note: that does make me realise I need an easy way for users to get a chunk of text or CSV to send to someone running a test). Probably the best possible protection is for me to minify the scripts so they are hard to read and therefore modify with a debugger. That will not stop someone modifying the outgoing HTTP POST if they are dedicated. Unfortunately the only way to build an ABX tool really hardened against malicious users trying to defraud the system is to write it in something like Flash, and even then it is only risk reduction.