W3C home > Mailing lists > Public > public-appformats@w3.org > February 2007

Re: [ac] Updates to Access-Control document

From: Anne van Kesteren <annevk@opera.com>
Date: Wed, 07 Feb 2007 15:20:09 +0100
To: "Thomas Roessler" <tlr@w3.org>, "Brad Porter" <brad@tellme.com>
Cc: "WAF WG (public)" <public-appformats@w3.org>, "access-control tf" <member-accesscontrol-tf@w3.org>
Message-ID: <op.tndt3v0t64w2qv@id-c0020.orange.nl> 

On Wed, 07 Feb 2007 13:51:01 +0100, Thomas Roessler <tlr@w3.org> wrote:
> Looking over this version, this one seems to introduce yet another
> algorithm: Basically, there seems to be a single allow ruleset and a
> single except ruleset.
>
> This is different from having a list of allow rulesets *each* *of*
> *which* can then have different exceptions.

You mean you want:

   <?access-control
     accept="http://*.example.org"
     except="*"?>

   <?access-control
     accept="http://foo.example.org"
     except="http://bar.example.org"?>

to be different from:

   <?access-control
     accept="http://*.example.org http://foo.example.org"
     except="* http://bar.example.org"?>

or something?

Could you elaborate on the potential problems?


> I wonder what the rationale for the new proposal is.

I'm not sure I understood the "old proposal". Care to explain?


-- 
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
Received on Wednesday, 7 February 2007 14:20:28 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:10:21 GMT