W3C home > Mailing lists > Public > whatwg@whatwg.org > January 2006

[whatwg] Content Restrictions

From: Gervase Markham <gerv@mozilla.org>
Date: Mon, 30 Jan 2006 12:41:15 +0000
Message-ID: <43DE096B.8070100@mozilla.org>
Alexey Feldgendler wrote:
> 1. "create". The options aren't very useful because one can add nodes by
> cloning, and you can't control what nodes are cloned. The definitions
> should rather be changed to "insertion of nodes into the document". So,
> the script is free to create or clone elements, but they can't be added
> to the document.

That's really smart! So that would restrict appendChild, insertBefore,
and replaceChild on the element interface, plus document.write() and

Do you think "noblock" and "nosub" are of any use? Or are there better
ways to divide elements?

> 2. "request". Of the options "none" and "nopost", neither is a subset of
> the other.

True; it's a non-liner hierarchy, like "cookie" (see para 2. under
"Restrictions"). How would you resolve the situation, if at all?

> 3. What should happen when UA receives the header with a version number
> greater than the version it supports?

It should ignore the header, just as if it did not support
Content-Restrictions at all.

The draft says the following about having multiple versions:
"The implementation should then use the policy string with the highest
version number it understands. Later versions are not guaranteed to
maintain compatible syntax past the semi-colon. If there are multiple
such strings, the implementation should use the first one it encounters."

So if there were multiple versions floating around, a site might send:

Content-Restrictions: 2;<some XML foo>
Content-Restrictions: 1;script=none

Received on Monday, 30 January 2006 04:41:15 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:08:25 UTC