- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Fri, 29 Nov 2013 15:08:32 +0100
- To: Henry Story <henry.story@bblfish.net>
- Cc: Read-Write-Web <public-rww@w3.org>
- Message-ID: <CAKaEYhJOXcLeTzucu5fVmtSjA4GUxtUsX+sE+LXoczpxHQiS3A@mail.gmail.com>
On 26 November 2013 19:18, Henry Story <henry.story@bblfish.net> wrote: > Hi all [1], > > Working with Andrei at Mozilla in Paris [2] we came up with the > following issue. > Looks like quite a turn out! Let us know how you get on :) > > Background: > a JS Agent from one domain making a request on a different domain needs > the server > it is making requests be it GET, PUT, POST, DELETE or PATCH to specify > which JS agents > it trusts with the information. ( this can be * for all agents, and agents > are only > defined by (sub)domain. ) > It is not a good idea for an LDP server on the public internet to allow > any agent > to execute non idempotent actions such as POST, DELETE, PATCH and PUT on > allr resources > - that would really be allow too much mischief. > > But we could allow that per container. This could be done using WAC by > a simple > rule such as > > [[ > @prefix acl: <http://www.w3.org/ns/auth/acl#> . > @prefix foaf: <http://xmlns.com/foaf/0.1/> . > > [] acl:accessToClass [ acl:regex "https://stample.io/2013/test/.*" ]; > acl:mode acl:Read, acl:Write; > acl:agent [ acl:cors "https://joe.rww.io" . ] > ]] > > So this is saying that agent http://joe.rww.io can have Read/Write Access > to all files > under the directory /2013/test/.* > > A better name than acl:cors is welcome. > At first glance agree with Joe on use of the term "Origin". Of course, the O in cOrs stands for Origin ... > > Henry > > > > [1] Sorry for not having responded to previous responses to my mails on > this list. > I have been busy and will get back to those threads. > [2] http://hack.stample.co/ > > Social Web Architect > http://bblfish.net/ > > >
Received on Friday, 29 November 2013 14:09:00 UTC