W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2011

Re: [widgets] WARP usability issue

From: Marcos Caceres <marcosscaceres@gmail.com>
Date: Thu, 12 May 2011 12:42:48 +0200
Message-ID: <4DCBB9A8.7020100@gmail.com>
To: Charles McCathieNevile <chaals@opera.com>
CC: public-webapps <public-webapps@w3.org>, Robin Berjon <robin.berjon@gmail.com>, Wojciech Masłowski <wmaslowski@opera.com>
On 5/12/11 12:41 PM, Charles McCathieNevile wrote:
> On Thu, 12 May 2011 12:27:33 +0200, Marcos Caceres
> <marcosscaceres@gmail.com> wrote:
>> Hi,
>> The following rule is too restrictive in WARP:
>> "If origin is not a valid IRI, *if it has components other than scheme
>> and iauthority*, if it has no host component, or if it has a iuser
>> info component, then this element is in error and the user agent must
>> ignore this element."
>> ... While I
>> was at Opera working on extensions, we noticed in the Opera Extensions
>> catalog that people were doing all sorts of "interesting" things with
>> WARP declarations (e.g., adding "/*" and other things assuming some
>> kind of pattern matching).
>> Anyway, an easy solution is to simply ignore any "/" or simply ignore
>> all but the scheme and iauthority.
>> WDYT?
> At a minimum. I suspect there are use cases for actually allowing paths
> to be a real part of the access statement, but I haven't thought hard
> about it yet.

That was the original model (resource/path-based), but we moved to this 
one as it was more "origin"-based.
Received on Thursday, 12 May 2011 10:43:19 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:31 UTC