W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2010

Re: Chromium's support for CORS and UMP

From: Nathan <nathan@webr3.org>
Date: Wed, 12 May 2010 19:10:27 +0100
Message-ID: <4BEAEF13.80401@webr3.org>
To: Anne van Kesteren <annevk@opera.com>
CC: public-webapps <public-webapps@w3.org>
Anne van Kesteren wrote:
> On Tue, 11 May 2010 07:10:59 +0200, Nathan <nathan@webr3.org> wrote:
>> exactly, but the current set up stops xhr from getting resources that 
>> the could be retrieved from site A with wget - with an inverted model 
>> all the issues would disappear, leaving only one issue; namely 
>> informing sys admins that they must protected their resources that 
>> need protected - and this is their job after all.
> I'm sorry, but no, we cannot inform all sys admins all over the world 
> and hope they do the right thing. Inverting the model puts the user's 
> data at terrible risk. It is not going to happen.

I'm going to suggest something that seems logical to me, but I'm 
probably way off target.

It looks like a whole lot of work has gone in to the widgets 
specifications - and it looks like that caters for digital signing and 
has the Widget Access Request Policy, and for running js/html applications.

So a couple of questions :)

Do the major browser vendors plan to support widgets in the main UI window?

How would CORS and WARP work together?

and - is it a false path of hope for me to be thinking that I could make 
a JS/HTML5 application and have it run on the clients side, with no 
server dependencies, in all major browsers on all major platforms?


Received on Wednesday, 12 May 2010 18:11:57 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 20 October 2015 13:55:34 UTC