- From: Mark Nottingham <mnot@yahoo-inc.com>
- Date: Thu, 3 Jan 2008 12:26:57 +1100
- To: Ian Hickson <ian@hixie.ch>
- Cc: "Close, Tyler J." <tyler.close@hp.com>, Anne van Kesteren <annevk@opera.com>, "public-appformats@w3.org" <public-appformats@w3.org>
On 03/01/2008, at 11:58 AM, Ian Hickson wrote: > > No, we need more than that. > > We need something that (in no particular order): > > * introduces no new XSS attack vectors when a user changes client, > assuming the client is conforming to the new spec > > * introduces no new XSS attack vectors when an author changes server, > assuming the server is conforming to the new spec > > * can be implemented without changing the actual server software > > * can be used to provide files for cross-domain access via GET without > scripting of any kind of the server side > > * can be configured on a per-resource basis > > * can be configured without coordination with the main site > administrator > > * does not introduce the risk of caches inadvertently allowing access > when it should not be allowed > > * leaves the control in the hand of the server > > The currently proposed solution achieves all of this, by making the > server > make the decision, but requiring that the decision be conveyed using a > handshake that explicitly reports the decision, and making that > handshake > expressive enough that it can be precomputed and stored within the > resource itself, allowing it to be used without server-side scripting. > > Your proposals so far have only achieved simplicity by not > addressing some > of the other requirements. Has the working group gained consensus on this requirements list and documented it? -- Mark Nottingham mnot@yahoo-inc.com
Received on Thursday, 3 January 2008 01:27:39 UTC