W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2009

Re: [WARP] Comments to WARP spec

From: Marcos Caceres <marcosc@opera.com>
Date: Tue, 10 Nov 2009 16:29:32 +0100
Message-ID: <4AF986DC.5050501@opera.com>
To: "SULLIVAN, BRYAN L (ATTCINW)" <BS3131@att.com>
CC: WebApps WG <public-webapps@w3.org>


SULLIVAN, BRYAN L (ATTCINW) wrote:
> Marcos,
> I agree there is an assumption behind the approach I proposed, which I also believe will be valid for the vast majority of widgets which will actually have "index.html" or something like that as the start page. Further, the statements in the config.xml apply to all resources in the widget, not just the start page, i.e. I can start with a non-HTML which references an HTML file in the package, to which the "tag" attribute applies.

So we are clear, the tag attribute does not work in the following 
situation. I want to disable x:script, but allow v:script... unless you 
know what the things different namespaces will not be added dynamically 
to the DOM:

<x:html xmlns:x="http://www.w3.org/1999/xhtml">
...
<x:script> ... </x:script>

<v:svg v:width="6cm" v:height="5cm" v:viewBox="0 0 600 500"
      xmlns:v="http://www.w3.org/2000/svg" version="1.1">
   <v:script src="...">...</v:script>
</v:svg>

</x:html>

> If the proposed solution is inadequate, I welcome other suggestions.

I don't have a suggestion because I don't believe this part of WARP is 
broken or is necessary.

 >But as it stands, the WARP spec is not consistent with the web 
security model, so we need to fix the<access>  element definition somehow.

  Well, the whole point of WARP is to put these boundaries around the 
behavior of widgets because they run locally. How a browsing context 
should behave when run locally is not really defined by HTML5. This 
leaves a gap for us to fill.
Received on Tuesday, 10 November 2009 15:30:17 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:35 GMT