- From: Cameron Jones <cmhjones@gmail.com>
- Date: Thu, 22 Mar 2012 13:14:20 +0000
- To: Anne van Kesteren <annevk@opera.com>
- Cc: Julian Reschke <julian.reschke@gmx.de>, public-html@w3.org, "Edward O'Connor" <eoconnor@apple.com>
On Thu, Mar 22, 2012 at 1:00 PM, Anne van Kesteren <annevk@opera.com> wrote: > On Thu, 22 Mar 2012 13:50:02 +0100, Cameron Jones <cmhjones@gmail.com> > wrote: >> >> In the "Risks" section of the proposal i have documented and addressed >> the anticipated security concern. > > > That is not very clear. Also, that should be part of the details section if > so. It is orthogonal to the functionality the proposal recommends, hence it is omitted to reduce the overall scope of the proposal. What exactly would you like to see reference to? That CORS is a requirement? > > >> While CORS is referenced in HTML it is not a pre-requesite for >> implementations. > > > It is. I can understand that it may be an effective pre-requisite by way of induction, however it is feasible that for example there may be a browser implementation which does not support cookies or http authenticaion or even a multi-document interface which has no requirement for implementing CORS. > > >> HTTP is the deployment i am referring to and it is interaction with >> this protocol which the proposal recommends. You have raised concern >> that further information is required for specification however i am >> stating that further information is not required - or available - as >> it is already under specification, implementation and deployment on a >> global scale and with universal adoption. > > > This is nonsense given the context of what is available to web pages today. > > > > -- > Anne van Kesteren > http://annevankesteren.nl/ I don't understand your comment... the question is - what further information is required in order to produce specification of the defined functionality? Thanks, Cameron Jones
Received on Thursday, 22 March 2012 13:15:01 UTC