W3C home > Mailing lists > Public > www-tag@w3.org > May 2010

Re: Impending web-arch issue?

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 11 May 2010 12:46:13 +0200
To: Nathan <nathan@webr3.org>
Cc: "www-tag@w3.org" <www-tag@w3.org>
Message-ID: <op.vcjevbc364w2qv@annevk-t60>
On Tue, 11 May 2010 10:32:44 +0200, Nathan <nathan@webr3.org> wrote:
> In light of all that's been discussed, would you agree that neither  
> approach is ideal, and that the current closed xhr web approach (whilst  
> it keeps things safe in the interim) isn't a long-term fix that  
> addresses both issues?

I don't think your issue is critical. It can be worked around easily with  
a proxy. And most applications will have some kind of server component  
that can do the requests on behalf of the application.


> As noted the same issue(s) will arise again with browser extensions in  
> the near future. Thus, can we open CORS+same origin policy for XHR up to  
> a round of suggestions that keep the web both safe and open at the same  
> time? - or at least make it a bit easier to open up by adding default  
> CORS settings for an entire domain in a .well-known place or suchlike.

That has too much potential for problems. This was discussed at length in  
the past already.


> IMHO universal browser based client side applications running over a web  
> of data is a huge thing for the web to loose, and something I wouldn't  
> like to see given up, especially with the advent of HTML5+JS APIs - all  
> the pieces are in place, the web is shifting in this direction - and  
> afaict this issue is the only thing blocking us from progressing.

It doesn't really see to be blocking us too much. Web-based feed readers  
etc. have been prevalent for a long time.


-- 
Anne van Kesteren
http://annevankesteren.nl/
Received on Tuesday, 11 May 2010 10:47:01 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:48:20 GMT