W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2009

Re: Review of widget access request

From: Robin Berjon <robin@berjon.com>
Date: Mon, 15 Jun 2009 10:34:26 +0100
Cc: public-webapps WG <public-webapps@w3.org>
Message-Id: <577DD062-0611-4BF4-B4A9-7EDF9F741213@berjon.com>
To: Thomas Roessler <tlr@w3.org>
Hi Thomas,

On Jun 9, 2009, at 09:59 , Thomas Roessler wrote:
> 1. The definitions section seems to introduce "instantiated  
> components" as a first class object that is granted access.

That is correct, I have changed it throughout the spec to talk only of  
execution scopes.

> 2. It would be useful for the policy section to explicitly say that  
> network access from the web execution scope is controlled by the  
> HTML5 security policy, not by this specification's security policy.

I've changed it to punt to the used language's security policy.

> 4. The processing model is gratuitously detailed and complex, and  
> pins down implementation detail.  For example, the meaning of a  
> sequence of access elements does not actually depend on the order in  
> which these elements appear;

That was a bug. I've simplified the rest of the model so that it fills  
about half the space it used to.

Thanks for your comments!

Robin Berjon - http://berjon.com/
     Feel like hiring me? Go to http://robineko.com/
Received on Monday, 15 June 2009 09:35:00 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:16 UTC