W3C home > Mailing lists > Public > public-webapi@w3.org > March 2006

Re: ACTION-61: text for embedding part of the Window object

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 07 Mar 2006 09:52:04 +0100
To: "Web APIs WG (public)" <public-webapi@w3.org>
Message-ID: <op.s51b82lk64w2qv@id-c0020.oslo.opera.com>

On Tue, 07 Mar 2006 09:22:29 +0100, Jonas Sicking <jonas@sicking.cc> wrote:
> I'm not sure that it's a good idea to define the exact security policy  
> here. Shouldn't we allow implementations to return null rather then  
> throwing?

Well, at the moment it doesn't say MUST throw, but MAY throw... I'm not  
sure yet how to handle the security cases. It's obviously important enough  
to mention it in the specification, but limiting the UA in what it can do  
may not be such a good idea either. This does not solely apply to this  
though. We should probably discuss in what level of detail we want to  
define what UAs have to do. Personally I'd be happy with not defining what  
they have to do but just pointing out the potential security problems UAs  
probably have to act upon in order to make browsing secure.

Anne van Kesteren
Received on Tuesday, 7 March 2006 08:52:12 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:16:20 UTC