W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2009

Re: [widget] Security model

From: Marcos Caceres <marcosc@opera.com>
Date: Mon, 25 May 2009 23:34:57 +0200
Message-ID: <b21a10670905251434i61108359jefc61ce1285d989b@mail.gmail.com>
To: Adam Barth <w3c@adambarth.com>
Cc: timeless@gmail.com, public-webapps <public-webapps@w3.org>
On Mon, May 25, 2009 at 11:15 PM, Adam Barth <w3c@adambarth.com> wrote:
> On Sun, May 24, 2009 at 4:18 AM, Marcos Caceres <marcosc@opera.com> wrote:
>> I should have made myself more clear. I meant that the widget would behave
>> as if it had been dragged from the hard-drive with respect to access to HTTP
>> resources via inline content. The model I am proposing is dependent on the
>> widget:// URI scheme and the assumption that widget:// acts a mounted drive
>> for the widget. Access to the file system would be forbidden. No way was I
>> intending to imply otherwise.
> It might be more productive to spec what you actually mean instead of
> using an analogy to a part of the browser security model with poor
> interoperability.

Right. However, that would jumping the gun as we don't seem to have
consensus on the requirements yet. At the moment, I'm happy to throw
ideas at the working group instead. I'm just asking simple things
like, given this widget config:

<widget xmlns="widget namespace" />

should the following inline resources load?

<script src="'http://foo.com"/> </script>
<img src="http://foo.com/image">
<iframe src="http://bar.com">

And what is the origin?

I'm not interested in getting bogged down in complex terminology,
fancy pants RFCs, and things that are hard to understand, at this
point. I just want to take the average widget developer (me) point of
view in an effort to understand how it works (or not) in practice.

Kind regards,

Marcos Caceres
Received on Monday, 25 May 2009 21:36:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:12:53 UTC