W3C home > Mailing lists > Public > public-lod@w3.org > May 2010

Cross site scripting: CORS and a Javascript library accessing Linked Data

From: Nathan <nathan@webr3.org>
Date: Mon, 10 May 2010 22:49:46 +0100
Message-ID: <4BE87F7A.7070607@webr3.org>
CC: Tim Berners-Lee <timbl@w3.org>, Linked Data community <public-lod@w3.org>, pedantic-web@googlegroups.com, Kingsley Idehen <kidehen@openlinksw.com>, Ian Davis <me@iandavis.com>
All,

Could everybody publishing linked data please note that open data isn't 
currently retrievable via client side JS libraries due to same origin 
policies and the likes.

In order to make it open and accessible by UAs we need to add in CORS 
[1] headers.

Please see the email below from TimBL which includes a request for a 
linked data bubble diagram showing which systems support CORS, and the 
full issue here on www-tag [2]

[1] http://www.w3.org/TR/cors/
[2] http://lists.w3.org/Archives/Public/www-tag/2010May/0009.html

Kinglsey, Ian, members of the Pedantic Web - I've cc'd you in directly 
for rather obvious reasons :)

Richard/Pedants, will this need to be added to the Publishing Linked 
Data guide / recs?

Best,

Nathan

Tim Berners-Lee wrote:
> In mid:4BE7BF59.9010204@webr3.org 
> aka http://lists.w3.org/Archives/Public/www-tag/2010May/0009.html
> on 2010-05 -10, at 04:10, Nathan wrote:
>> All,
> 
> [...lots of cool stuff about making JS client talk to sem web backend ...]
> 
>> Thus far the only thing I can see that comes any where near to addressing is the work in progress Cross-Origin Resource Sharing [1] but afaik it's only implemented in the newest browsers + the vast majority of resources on the web don't have these headers set so again the application wouldn't be able to access most data - rendering any apps made very limited and virtually useless - which imho is a huge shame since all the peices needed are ready and waiting on billions(?) of machines.
> 
> Well, machines which serve public data must now serve the two (why two?!) HTTP headers for CORS.
> Just lean on data sources you know to do this.  And people have to use new browsers to get new functionality.
> 
> Note if they run an add-on, like Tabulator, then they skip this problem as the code is
> deemed trusted.  
> 
[snip]
> 
> We could do with a version of the linked data bubble diagram with the systems which support CORS in green. Anyone?
> 
Received on Monday, 10 May 2010 21:51:00 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:29:48 UTC