W3C home > Mailing lists > Public > public-html-bugzilla@w3.org > January 2011

[Bug 11235] Support a rel attribute that restricts cookie transmission

From: <bugzilla@jessica.w3.org>
Date: Sun, 23 Jan 2011 21:24:53 +0000
To: public-html-bugzilla@w3.org
Message-Id: <E1Ph7Qb-0000vk-RK@jessica.w3.org>
http://www.w3.org/Bugs/Public/show_bug.cgi?id=11235

--- Comment #15 from Alexander Romanovich <alex@sirensclef.com> 2011-01-23 21:24:53 UTC ---
I guess you're right that an HTML attribute would be too limiting in regards to
controlling this functionality in all aspects of web browsing. But where would
such an approach, with the larger scope you're describing, be implemented
exactly?

I assume you're not talking about browser settings, since this is something a
web developer would want to control on a case-by-case basis (since some
requests require cookie transmission to maintain logins, for example.). I
suppose you could send a header along with the main resource that instructs the
browser how to behave in respect to different kinds of future subresource
requests on the page, but that would get tricky if it was the sole source of
instruction about so many different types of requests. Otherwise, I could
imagine HTML being the right place for controlling this so long as there's an
equivalent solution(s) that applied to the additional cases you mentioned (i.e.
a request in the generic sense knows how to be anonymous, but the HTML
attribute is just one of several ways to switch that flag on).

I'd be happy to approach some browser vendors, once I'm clearer on where the
possibilities lie for implementing this, if not just an HTML attribute.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
Received on Sunday, 23 January 2011 21:24:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 23 January 2011 21:24:55 GMT