W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2012

Re: [Workers] Worker same-origin and usage in JS libraries...

From: Bronislav Klučka <Bronislav.Klucka@bauglir.com>
Date: Wed, 18 Jul 2012 00:48:17 +0200
Message-ID: <5005EBB1.8050201@bauglir.com>
To: public-webapps@w3.org

On 17.7.2012 23:53, Ian Hickson wrote:
> My plan is to make it so that cross-origin URLs start cross-origin 
> workers. The main unresolved question is how to do this in an opt-in 
> manner. The best idea I've come up with so far is having scripts that 
> want to opt-in to being run in such a way start with a line line: // 
> Cross-Origin Worker for: http://example.net ...or (for multiple 
> domains): // Cross-Origin Worker for: http://example.com 
> https://example.org ...or (for any domain): // Cross-Origin Worker for 
> all origins ...but that doesn't seem super neat. 

Since script is loaded using HTTP, why not use already defined CORS 
headers on server side while serving those scripts?
And if you want it to be defined in JS file itself, I'll suggest "use 
strict" approach:

file> ---------------------------------------------------------------
"Access-Control-Allow-Origin: *";
(function(){
     "use strict";
       var x = 5;
})();
---------------------------------------------------------------<file

and define CORS headers as a string (maybe with the restriction that 
those headers must be first executable/runnable code in JS file - so 
there may be comments and whitespaces before)

B.

-- 

s pozdravem
          Bronislav Klučka


http://www.bauglir.com <http://www.bauglir.com>

http://www.bauglir.com
Bronislav.Klucka@bauglir.com  <mailto:Bronislav.Klucka@bauglir.com>

   * webové aplikace
   * software na zakázku
Received on Tuesday, 17 July 2012 22:48:48 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:54 GMT