- From: Ben Adida <ben@adida.net>
- Date: Thu, 30 Jul 2009 09:55:00 -0700
- To: Manu Sporny <msporny@digitalbazaar.com>
- CC: RDFa TF list <public-rdf-in-xhtml-tf@w3.org>
Manu Sporny wrote: > Ben's proposal is concerned about not having to dereference anything > during the RDFa processor stage because it leads to complexity and the > possibility of not generating triples at parse-time. During the telecon today, I brought up a point that hints at the architectural complication that results from "dereferencing-in-the-parser": security. Specifically, a pure JavaScript parser (i.e. bookmarklet) would be unable to produce any output, since it cannot dereference a third-party resource. Of course, a plugin, or JavaScript with elevated privileges, could, but the core issue remains that the parser now needs to consider a number of security issues related to third-party content, just to produce the first batch of triples. -Ben
Received on Thursday, 30 July 2009 16:55:38 UTC