Re: Impending web-arch issue?

On Tue, 11 May 2010 10:32:44 +0200, Nathan <nathan@webr3.org> wrote:
> In light of all that's been discussed, would you agree that neither  
> approach is ideal, and that the current closed xhr web approach (whilst  
> it keeps things safe in the interim) isn't a long-term fix that  
> addresses both issues?

I don't think your issue is critical. It can be worked around easily with  
a proxy. And most applications will have some kind of server component  
that can do the requests on behalf of the application.


> As noted the same issue(s) will arise again with browser extensions in  
> the near future. Thus, can we open CORS+same origin policy for XHR up to  
> a round of suggestions that keep the web both safe and open at the same  
> time? - or at least make it a bit easier to open up by adding default  
> CORS settings for an entire domain in a .well-known place or suchlike.

That has too much potential for problems. This was discussed at length in  
the past already.


> IMHO universal browser based client side applications running over a web  
> of data is a huge thing for the web to loose, and something I wouldn't  
> like to see given up, especially with the advent of HTML5+JS APIs - all  
> the pieces are in place, the web is shifting in this direction - and  
> afaict this issue is the only thing blocking us from progressing.

It doesn't really see to be blocking us too much. Web-based feed readers  
etc. have been prevalent for a long time.


-- 
Anne van Kesteren
http://annevankesteren.nl/

Received on Tuesday, 11 May 2010 10:47:01 UTC