The Platform for Internet Content Selection (PICS) is a W3C group chartered to define a standard for the creation of rating systems and rating information. PICS is the open W3C standard for solving the problems with minors accessing adult content on the Internet; Microsoft views PICS as the best direction for solving these problems. This document describes how to support ratings on the Microsoft® Internet Explorer platform. It is intended for HTML authors who wish to support PICS ratings on their site, and also for programmers who are developing Web authoring or viewing tools and applications.
Internet Ratings API Reference
This section describes how the PICS system works, shows an example of rating information within an HTML page, and briefly describes the PICS specification.
The PICS system has two types of components: rating systems and rating labels. A rating system defines the criteria for how content is rated. PICS has created a meta-language for defining the different categories and the different values for rating content. For example, the Motion Picture Association of America (MPAA) rating system has one category with five values: G, PG, PG-13, R, and NC-17. Using the PICS specification, rating systems with multiple categories can be defined.
The rating label is the actual rating information. The label can appear on a Web page as part of the HTML content, on a third-party Web site, or anywhere else that a particular client application "knows" to look for them. Each item of content that is rated would have its own label. PICS has defined the syntax for these rating labels, as well as extensions to many Internet protocols to support labels.
The PICS system works by matching labels to their associated systems. The client software, either part of the Web browser or a separate application, allows parents to decide what levels of content they want to allow their children to see for each rating system. Then, as the child uses the PICS-aware Web browser or application, the Web browser finds the rating labels for the content and checks against the values the parent has set by calling a function in the Internet Ratings API. If the content is rated higher than the child is allowed, the content is not displayed.
Ratings are specified by using an additional tag within the HTML header (<HEAD> rating information </HEAD>). The rating is in English text, as defined by the PICS specification. More details are provided in the full PICS documentation found on the PICS Web site: http://www.w3.org/PICS/.
The following example shows the general format of rating information within an HTML page.
<HTML> <HEAD> <META http-equiv="PICS-Label" content='(PICS-1.0 "http://www.rsac.org" labels on "1996.11.05T08:15-0500" until "1996.12.31T23:59-0000" for "http://www.rsac.org/index.html" by "RSAC " rating (language 2 nudity 0 violence 1))'> </HEAD>
The core of the rating label is the rating string, which provides a list of category/value pairs. For each category, the name and the associated value are listed.
PICS has defined two specificationsone for creating rating systems and one for creating rating labels. A rating system defines the criteria for how content is rated. Based on the PICS specification for rating systems, any group or individual could define a system for rating content. Using the PICS specification, you could take the MPAA rating system and define it as a PICS-compliant rating system.
The PICS specification is quite extensive, and it allows for a system to contain multiple categories. The MPAA system has only one category with five values: G, PG, PG-13, R, and NC-17. It has been criticized for being too simplistic and not offering granularity on multiple dimensions. PICS solves this problem by allowing the creator of the rating system to have great flexibility in how the system is defined.
PICS has not defined an actual rating system or an actual scheme for rating Internet content. PICS is a framework and a language that allows any group or organization to rate content on their own criteria. PICS has not created a replacement for the movie rating system, nor does it intend to.
For more information about rating systems, see the PICS specification on their Web site: http://www.w3.org.
The PICS specification makes no provisions for storing information on rating systems locally. On the Microsoft Windows® platform, the text description for PICS rating systems is contained in a text file with an .rat extension. This file would contain all the category and value information that PICS has defined as necessary. Microsoft may define fields for information about a given rating system, including its PICS rating server URL if it has one.
Internet Content Providers (ICPs) need to be aware that they must take the initiative in getting their content rated by a PICS-compliant rating system. For a rating system to be useful, the browser application must deny access to sites that are unrated. ICPs should contact the PICS committee for a listing of rating groups that are based on PICS.
Microsoft is committed to supporting the PICS standard and providing API and reference information for other products that want to support PICS. In addition, Microsoft is assisting several third-party groups to create PICS-based rating systems. In particular, the Recreation Software Advisory Council (RSAC) has created a rating system called RSACi. Their Web site, http://www.rsac.org, provides a simple online mechanism for getting content rated through their system.
Developers of Web authoring tools need to be PICS-aware so that their tools support the ability to easily enter META tags into Web pages. Web authoring tools can help promote the PICS technology by providing templates or wizards for adding PICS ratings to documents.
Of significant importance is the ability to maintain ratings for groups or "virtual trees" of pages. Some PICS-compliant rating systems might offer ratings for groups of content. This will allow larger sites to section adult content from general audience content. Web authoring and management tools need to provide the ability to propagate rating information across user-defined groups of pages.
Microsoft intends to provide support for the easy addition of PICS-compliant rating information into appropriate Internet content tools.
The Microsoft Internet Ratings API provides Win32®-based applications with easy access to PICS-based Internet ratings support and related services. These functions provide any application with access to a PICS rating parsing engine, as well as a mechanism for comparing ratings against the user information settings in Internet Explorer 4.0. This API will be available as part of Internet Explorer 4.0.
The functions in the Internet Ratings API set facilitate access to the ratings support in the following ways:
The PICS specification allows for rating information to appear in HTML tags, in HTTP headers, and on a third-party URL. For performance reasons, each individual browser is responsible for obtaining HTML- and HTTP-based rating information (for details on obtaining these mechanisms, consult the PICS specification).
The following table summarizes the PICS-support API functions. This table lists all the functions for finding, pairing, and comparing rating information.
Function | Description |
RatingAccessDeniedDialog,RatingAccessDeniedDialog2 | Displays a system dialog box informing the user that access has been denied. |
RatingCheckUserAccess | Takes in a PICS rating, parses it, and compares it against what a specified user can see. |
RatingEnable | Enables and disables ratings. |
RatingEnabledQuery | Specifies whether ratings are on or off. |
RatingFreeDetails | Frees a pointer to denial information. |
RatingObtainCancel | Cancels a call to RatingObtainQuery. |
RatingObtainQuery | Obtains ratings from certain locations and compares them. |
RatingSetupUI | Displays a modal dialog box that allows a supervising parent to set levels of restrictions. |
A browser or other application would typically use the rating functions in the following fashion:
The PICS specification defines the Backus-Naur Form (BNF) syntax for rating information, or rating nuggets. PICS specifies that rating nuggets can appear as part of HTML documents, within the header tags. The PICS specification also allows for rating information to appear as part of the HTTP headers.
For performance and logistic reasons, it is the responsibility of the browser to obtain HTML- and HTTP-level ratings. Details on how to find HTML-based ratings are part of the PICS specification. Details on HTTP ratings and the associated HTTP header are specified by PICS.
The PICS committee might eventually provide reference code for applications that want to find HTML/HTTP-based ratings.
This section contains detailed reference information about the functions in the Microsoft Internet Ratings API.
HRESULT RatingAccessDeniedDialog( HWND hwndParent, LPCTSTR pszUsername, LPCTSTR pszContentDescription, LPVOID pRatingDetails );
Displays a modal dialog box telling the user that access to the requested content is denied. The supervisor can set an option that adds controls to the dialog box; these controls would allow a supervisor to enter a user name and password to override the rating and allow access.
S_OK | The supervisor entered the password. Access should be allowed. |
S_FALSE | The user is still denied access to the content. |
Error values | An error occurred. |
See also RatingCheckUserAccess
HRESULT RatingAccessDeniedDialog2( HWND hwndParent, LPCSTR pszUsername, LPVOID pRatingDetails);
This function is identical in functionality to RatingAccessDeniedDialog except that if a ratings dialog box is already being displayed modal to the specified parent window, the details from the second call are inserted into the existing dialog box.
S_OK | The supervisor entered the password. Access should be allowed. |
S_FALSE | The user is still denied access to the content. |
Error values | An error occurred. |
See also RatingCheckUserAccess
HRESULT RatingCheckUserAccess( LPCTSTR pszUsername, LPCTSTR pszURL, LPCTSTR pszRatingInfo, LPBYTE pData, DWORD cbData, LPVOID *ppRatingDetails );
Determines whether the user is allowed to view the given content based on the associated rating label. An application calls this function when it finds a rating label.
S_OK | Access is allowed. |
S_FALSE | Access is denied. |
Error values | Content should be considered unrated. |
This function allows ratings of any content type, including CD-ROMs, news groups, Web sites, and so on, provided the client application can find the rating information. The RatingObtainQuery function makes an internal call to the RatingCheckUserAccess function before calling the application's callback function.
See also RatingAccessDeniedDialog, RatingFreeDetails, RatingObtainQuery
HRESULT RatingEnable( HWND hwndParent, LPCSTR pszUsername, BOOL fEnable);
Enables or disables ratings.
S_OK | If fEnable was TRUE, ratings have been enabled. Otherwise, ratings were disabled. |
S_FALSE | Ratings were not successfully enabled or disabled. |
E_ACCESSDENIED | Ratings were enabled, and the user specified a bad password. |
HRESULT_FROM_WIN32(ERROR_BAD_USERNAME) | The specified username was invalid. |
HRESULT RatingEnabledQuery(void)
Reports whether ratings should be enforced or not. If the supervisor has not configured any restrictions or has temporarily disabled them, the application may allow access to all content and need not call any other rating functions.
S_OK | Ratings are enabled and should be enforced. |
S_FALSE | Ratings are disabled and should be ignored. |
HRESULT RatingFreeDetails( LPVOID pRatingDetails );
Frees the detail information returned by the RatingCheckUserAccess function.
See also RatingCheckUserAccess
HRESULT RatingObtainCancel( HANDLE hRatingObtainQuery );
Allows a browser to cancel its request to obtain the rating for a URL.
See also RatingObtainQuery
HRESULT RatingObtainQuery( LPCTSTR pszTargetUrl, DWORD dwUserData, void (*fCallback)( DWORD dwUserData, HRESULT hres, LPCTSTR pszRating, LPVOID lpvRatingDetails ), HANDLE *phRatingObtainQuery );
Encapsulates the process of checking ratings that appear on a local list, third-party PICS server, or future third-party add-on rating services.
The callback function has the following parameters:
dwUserData | Data supplied in the initial call to RatingObtainQuery. | ||||||
hres | Result of the query. Can be one of the following values:
| ||||||
pszRating | Rating information for the document if it is available. (Note that the application can choose to ignore this parameter because RatingCheckUserAccess has already been called to generate the hres parameter). | ||||||
lpvRatingDetails | Token that can be used in the RatingAccessDeniedDialog dialog box. This must be freed with a call to RatingFreeDetails. |
A browser obtains the URL from the user and calls this function. Asynchronously, this function searches for a rating for the specified document. When the search ends, the function calls the application's callback function, on a different thread than the one that called RatingObtainQuery. While waiting for the callback to be called, browsers may choose to download the content but prevent the user from accessing it until the query is resolved.
If RatingObtainQuery returns an error, the application should assume the site is unrated by local and third-party ratings, and look for the HTML/HTTP-level ratings itself.
HRESULT RatingSetupUI( HWND hwndParent, LPCSTR pszUsername );
Displays a modal dialog box that allows a supervising parent to set levels of restrictions. The RatingCheckUserAccess function uses these settings to compare against rating labels.
This function ensures that the current user is a supervisor before allowing access to the configuration user interface.
© 1997 Microsoft Corporation. All rights reserved. Terms of Use.