Re: Widget Requirement 37 (URI scheme etc) from Marcos Caceres on 2009-03-17 (public-webapps@w3.org from January to March 2009)

From: Marcos Caceres <marcosc@opera.com>
Date: Tue, 17 Mar 2009 13:52:27 +0100
To: Thomas Roessler <tlr@w3.org>
Cc: "public-webapps@w3.org WG" <public-webapps@w3.org>
Message-ID: <b21a10670903170552n4fcd933ese3ff9fd91afd279b@mail.gmail.com>

On Thu, Feb 26, 2009 at 6:34 PM, Thomas Roessler <tlr@w3.org> wrote:
> Marcos,
> R37 currently reads:
>
> A conforming specification MUST recommend that, at runtime, the addressing
> scheme used by a resource that addresses another resource within a widget
> package be resolved to some hierarchical URI scheme for the purpose of DOM
> normalization. A conforming specification SHOULD recommend or specify an
> appropriate URI scheme: That is, a URI scheme that does not expose the
> underlying file system (if any) to the instantiated widget. In addition, an
> instantiated widget MUST NOT be able to address resources outside the widget
> resource via the URI scheme (even if URI scheme allows it).The URI scheme
> MUST pertain to individual widget instances, but it MAY potentially allow
> widgets to address each other (for instance, when used in conjunction with
> cross-widget communication).
>
> http://dev.w3.org/2006/waf/widgets-reqs/#r37.-resolve-addressing-scheme-to-uri-scheme
> I don't think that this requirement should be phrased in terms of URI
> *schemes* at all.  Additionally, the "MUST NOT be able to address resources
> outside the widget resource" part of the requirement isn't clear -- why is
> that needed?  (Sounds like a bit of security policy crept in here.)

agreed.

> Finally, while I agree that you don't want a widget to jailbreak, that's
> part of an overall security policy; it shouldn't be normatively mixed into
> the resource identification requirement.  Instead, the requirement should be
> that there ought to be a security policy with these effects.
> Therefore, my version of R37 would be:
>
> A conforming specification MUST define a mechanism to set the base URI for
> any DOM instances that occur within the Widget, and it MUST define a
> mechanism that enables the construction of URI references between different
> resources within a widget package.

Agreed. I've replaced the existing text with your proposed text.

-- 
Marcos Caceres
http://datadriven.com.au

Received on Tuesday, 17 March 2009 12:53:05 UTC