Re: [XHR] anonymous flag

Den 1. juni 2013 kl. 10:14 skrev Anne van Kesteren <annevk@annevk.nl>:

> On Thu, May 30, 2013 at 1:30 PM, Hallvord Reiar Michaelsen Steen
> <hallvord@opera.com> wrote:
>> So creating a new tri-state property in the XHR spec should also simplify integration with the Fetch spec.
> 
> Agreed. The question is, if we take it as a given that we're going to
> get a new API (that uses futures, deals with tainted requests, etc.)
> is it worth expanding the older API too?

It will not come as a surprise to you that I vote "yes" to this question, but let me try to add some reasoning:

* From a developer point of view, I doubt it will matter very much, but it seems that we should fix the older API. There is known demand for the "non-credentials request to origin server" use case, and the spec already serves it in a somewhat messy way. If we leave the spec as it is, developers risk having to implement the messy way first and later a cleaner way for Fetch (while having to keep supporting the messy way for legacy content? The web rarely forgets your spec mistakes once implemented..)

* It could be considered a "selling point" for the new API, but it's not a big one. What you quote above, futures and such, are big selling points. This doesn't make the list. 

* Given that it's not a selling point, I think consistency from the old to the new API is more important to normal developers. If you do not fix the old API we risk fielding questions like "Wot? Where did my anonymous mode go?" and for a feature that may have security implications, causing developer confusion is certainly not a good idea.

That's my 5 cents as of this Sunday evening..
Hallvord R

Received on Sunday, 2 June 2013 21:22:45 UTC