Re: [w3ctag/design-reviews] TAG review for web app `scope_extensions` (Issue #875) from Daniel Appelquist on 2024-08-07 (public-webapps-github@w3.org from August 2024)

From: Daniel Appelquist <notifications@github.com>
Date: Wed, 07 Aug 2024 00:32:20 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/875/2272811044@github.com>

Hi @LuHuangMSFT - following on from what @martinthomson said above: as noted we are fine with the user need and we are generally fine with the design. @reillyeon has suggested a CORS or CORS-like approach. Whilst that has some advantages (in particular, not requiring a new well-known located file) it also has the disadvantage of requiring complex server configuration. Our main concern stands, however, that the Association file should allow for more specifying resources in a more fine-grained way. This could include wildcards to make it easy to create a very permissive Association file, but it should be possible to lock down the resources that are OK to share.  Would you be OK with modifying the design to allow for such an approach? If so, we're happy to close this review as `satisfied`.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/875#issuecomment-2272811044
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/875/2272811044@github.com>

Received on Wednesday, 7 August 2024 07:32:24 UTC