W3C home > Mailing lists > Public > www-svg@w3.org > August 2003

Re: [www-svg] network

From: Robin Berjon <robin.berjon@expway.fr>
Date: Mon, 18 Aug 2003 20:04:57 +0200
Message-ID: <3F411549.9010103@expway.fr>
To: Bernhard Zwischenbrugger <bz@datenkueche.com>
Cc: "www-svg@w3.org" <www-svg@w3.org>

Bernhard Zwischenbrugger wrote:
> You can't compare the security model of desktop applications with
> web content.

I agree, my point was about intention.

> The user will turn this off and if it is not possible to turn it off
> the user will not use it.
> It is the same problem as with outlook. People click to executable 
> attachments,...

So lets think about ways in which things could be secure without the limitations 
available today.

>>That certainly resulted 
>>in a massive amount of extra requests being sent there, with no discernible
> 
> Favicon for normal isn't a script and there is max. ONE connection per HTML 
> Page.

Times many people doing that on sites that get several million pages served a 
day mean a *lot* of request :)

> It's more serverside programming and less client side programming.

No, it's more total (client+server) programming. You do about as much server 
programming as you would do client, plus what is needed to convert that to HTTP 
messages, plus the part on the client to convert those HTTP messages to 
something useful, plus the buffering and polling code to emulate push protocols.

Connecting only to same host (but on any port) would, it seems, solve a good 
number of those issues and make server-side programming a one-off (just provide 
the proper proxy). What do you think?

-- 
Robin Berjon <robin.berjon@expway.fr>
Research Engineer, Expway        http://expway.fr/
7FC0 6F5F D864 EFB8 08CE  8E74 58E6 D5DB 4889 2488
Received on Monday, 18 August 2003 14:05:04 GMT

This archive was generated by hypermail 2.3.1 : Friday, 8 March 2013 15:54:25 GMT