- From: Ian Hickson <ian@hixie.ch>
- Date: Fri, 26 Sep 2008 21:29:34 +0000 (UTC)
- To: Boris Zbarsky <bzbarsky@MIT.EDU>
- Cc: HTML WG <public-html@w3.org>
On Fri, 26 Sep 2008, Boris Zbarsky wrote: > > Section 5.3 has algorithms for serializing origins which include: > > "If the origin in question is not a scheme/host/port tuple, then > return the empty string and abort these steps." > > This seems suboptimal to me, since it loses information. Better would be to > create a serialization of the globally unique identifier if that's what the > origin is. The spec need not mandate how this is done, as long as the > serialization has a good chance of really being globally unique. > > Is there a strong reason for the current behavior? How would the identifier be used? It seems better not to expose the internal IDs, lest someone manage to use the exposed ID to trick the user agent or a page somehow. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Friday, 26 September 2008 21:30:11 UTC