W3C home > Mailing lists > Public > public-web-intents@w3.org > August 2012

Re: Passing "origin" with intents

From: Paul Kinlan <paulkinlan@google.com>
Date: Wed, 29 Aug 2012 15:24:18 +0100
Message-ID: <CADGdg3DKLp6JxOvH+KoJPdOUEKdHojpgbL3sR4pqX15H8+cmSg@mail.gmail.com>
To: Josh Soref <jsoref@rim.com>
Cc: WebIntents <public-web-intents@w3.org>
So, this gives us to at least six states.

Service that requires client to pass origin, and client that is willing to
send origin
Service that requires client to pass origin, and client that is not willing
to send origin
Service that doesn't require origin (clients can choose to send it or not
but it will not be exposed)
Client that requires to recieve an origin and a service that is willing to
send origin back
Client that requires to receive an origin and a service that is not willing
to send it back
Client doesn't require to receive (service can choose to send it, but it
will not be exposed)

Are there any other cases?


On Wed, Aug 29, 2012 at 3:05 PM, Josh Soref <jsoref@rim.com> wrote:

> Paul wrote:
> > If the client is receiving data back from a service, it too should be
> aware of the
> > origin.
>
> I object to this.
>
> If a service is sending back data, it should be able to say whether it
> wants its origin to be shared with the client. And the user should be able
> to have the UA strip the origin.
>
> If I'm using an internal secret service, my service's existence shouldn't
> be leaked to the world just because I'm using it with external sites.
>
> The design of intents should be such that I could hand fill in all the
> values requested by the client and the client would accept it without
> discriminating against me doing that.
>
> ---------------------------------------------------------------------
> This transmission (including any attachments) may contain confidential
> information, privileged material (including material protected by the
> solicitor-client or other applicable privileges), or constitute non-public
> information. Any use of this information by anyone other than the intended
> recipient is prohibited. If you have received this transmission in error,
> please immediately reply to the sender and delete this information from
> your system. Use, dissemination, distribution, or reproduction of this
> transmission by unintended recipients is not authorized and may be unlawful.
>



-- 
Paul Kinlan
Developer Advocate @ Google for Chrome and HTML5
Watch my I/O talk: http://www.youtube.com/watch?v=O1YjdKh-rPg
G+: http://plus.ly/paul.kinlan
t: +447730517944
tw: @Paul_Kinlan <http://twitter.com/paul_kinlan>
LinkedIn: http://uk.linkedin.com/in/paulkinlan
Blog: http://paul.kinlan.me
Skype: paul.kinlan
Received on Wednesday, 29 August 2012 14:24:52 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:14:47 UTC