- From: Ian Hickson <ian@hixie.ch>
- Date: Wed, 9 May 2007 19:28:12 +0000 (UTC)
- To: Anne van Kesteren <annevk@opera.com>
- Cc: "WAF WG (public)" <public-appformats@w3.org>
On Wed, 9 May 2007, Anne van Kesteren wrote: > > http://dev.w3.org/cvsweb/~checkout~/2006/waf/access-control/Overview.html?content-type=text/html;%20charset=utf-8 In 2.1, ""deny" rules can be used by authors to deny read access from external resources to the entire server a simple way without having to check each individual XML resource that may have <?access-control?> processing instructions specified." is somewhat confusing to a first time reader because the PI hasn't yet been met. In fact it's still confusing to me now. I think your prepositions are all wrong. I'm not really sure what you're trying to say. 2.2 doesn't actually say that if the MUSTs are violated that the resource is put in error. In 3: "The match list and exclude list are both unordered lists of access items." -- "the" match list? "the" exclude list? There are 3 of each! This should probably be in the plural or something. Is there a difference between "terminate this algorithm" and "terminate this algorithm (process the next list item)"? "user agents must grant access to the resource" can we make that a SHOULD instead of a MUST? It isn't completely clear to me what the "overall algorithm" is. The sub-algorithms have <ol>s, maybe the overall algorithm should too? I don't know. I can't really comment on the "match" algorithm because I don't know what Request URL is supposed to be. For example, is it expected to be an absolute URL always, or can it be relative? What does it mean for the origin not to have a scheme? Why would you ignore the scheme if it's not followed by "://" ? How can it not have a port? Are non-host-based- authority schemes allowed? Step 9 doesn't specify the order. HTH, -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 9 May 2007 19:28:29 UTC