[whatwg] ContextAgnosticXmlHttpRequest: an informal RFC

In Mozilla, Web Services opted to use a model where the web serivices
provider could define what hosts can call it:
http://lxr.mozilla.org/seamonkey/source/extensions/webservices/docs/New_Security_Model.html

Macromedia did a similar thing for Flash's webservices code.

We could easily extend this model to XMLHTTPRequest.


On Tue, 8 Mar 2005 14:21:35 -0800, Chris Holland <frenchy at gmail.com> wrote:
> Note to moderators: please discard the duplicate of this email
> awaiting moderation. I had sent it before joining the list. Sorry
> about that :)
> 
> Hi all :)
> 
> I was hoping some of you might be able to give me some feedback on an
> informal RFC i put together on my blog:
> 
> http://chrisholland.blogspot.com/2005/03/contextagnosticxmlhttprequest-informal.html
> 
> I'm basically looking to enable some sort of cross-host *and*
> cross-domain interoperability between documents via a modified clone
> of the XmlHttpRequest object, while attempting to tread very carefully
> on various security issues, such as Cookies and Basic-Auth
> credentials. A "ContextAgnosticXmlHttpRequest" would be a new object
> developers could use, beyond the traditional XmlHttpRequest.
> 
> i'm not crazy about the ContextAgnostic* prefix ... but that's all i
> could come-up with so-far.
> It would obviously have a very very limited use and would absolutely
> not negate the usefulness of an XmlHttpRequest.
> 
> I would look to use such object with non-transactional RESTful services/APIs
> 
> thank you for your time :)
> 
> --
> Chris Holland
> http://chrisholland.blogspot.com/
> 
> --
> Chris Holland
> http://chrisholland.blogspot.com/
>

Received on Wednesday, 9 March 2005 10:26:36 UTC