W3C home > Mailing lists > Public > public-html@w3.org > September 2008

Re: Question about origin serialization

From: Ian Hickson <ian@hixie.ch>
Date: Sat, 27 Sep 2008 00:52:24 +0000 (UTC)
To: Boris Zbarsky <bzbarsky@MIT.EDU>
Cc: HTML WG <public-html@w3.org>
Message-ID: <Pine.LNX.4.62.0809270049270.8014@hixie.dreamhostps.com>

On Fri, 26 Sep 2008, Boris Zbarsky wrote:
> Ian Hickson wrote:
> > Wouldn't the "null" value that has to be passed in such cases be enough to
> > detect those cases?
> Possibly.  I'll be honest; what largely prompted this is that people 
> started trying to add all sorts of just-slightly-different origin 
> stringification methods to Gecko code, and any time I see that sort of 
> thing happening with security code it gives me the "someone will change 
> one of these functions and forget to change others" willies.
> Which is why ideally there would only be one function involved, 
> period.... That's hard enough already with the Unicode vs ASCII thing in 
> the spec, but all the _different_ special-casing of the non-host case 
> makes it a lot worse.

My understanding is that the specs now have just two functions (one for 
ASCII and one for Unicode). Is this not the case? I certainly agree that 
we should keep the variants to an absolute minimum.

> > I agree that would be a possible benefit.
> Fundamentally, by the way, that's what Access-Control seems to rely 
> on...

How so?

> > It seems, though I could of course be wrong, that exposing internals 
> > is a bigger disadvantage than the benefit gained.
> If we care, we could probably even standardize a form for the globally 
> unique identifier (say something like "html5-unique-origin:" followed by 
> a reasonable GUID serialization).

The benefits would have to be really great to start introducing new 
standard syntax, IMHO. I'm a little concerned that we're putting the cart 
before the horse here -- we need to prove a need before we solve it.

Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Saturday, 27 September 2008 00:53:01 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 29 October 2015 10:15:38 UTC