W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2009

Re: [widgets] What does it mean to have an unavailable API

From: Jonas Sicking <jonas@sicking.cc>
Date: Tue, 2 Jun 2009 10:19:14 -0700
Message-ID: <63df84f0906021019w104775fdwb199fc2d711f5f06@mail.gmail.com>
To: Marcin Hanclik <Marcin.Hanclik@access-company.com>
Cc: Scott Wilson <scott.bradley.wilson@gmail.com>, Henri Sivonen <hsivonen@iki.fi>, public-webapps <public-webapps@w3.org>
On Tue, Jun 2, 2009 at 7:28 AM, Marcin Hanclik
<Marcin.Hanclik@access-company.com> wrote:
> Hi Scott,
> In BONDI we have discussed the (has/request)Feature() for some time.
> http://bondi.omtp.org/1.0/security/BONDI_Architecture_and_Security_v1.0.pdf, section 4.3
> A few points for further discussion:
> 1. feature (at least in BONDI) is an abstract thing, not just one function. So hasFeature() is simply optimized checking procedure. If you check for a feature and discover that it is available, you may/should/must assume that a set of functions is available. Otherwise, you have to check each function individually and basically you cannot assume that if one functions is available, then the other is as well.
> 2. requestFeature() adds dynamism to the Website content. Widgets express their dependency statically by <feature>.
> http://bondi.omtp.org/1.0/security/BONDI_Architecture_and_Security_Appendices_v1.0.pdf B.2 specifies more details.

Doesn't the requestFeature() make at least the security benefits of
<feature> moot? In Another thread Marcos stated that one of the
benefits of <feature> was that if a widget gets exploited, the
exploited code couldn't get access to any features that the widget
hadn't enabled using <feature>. However this does not seem to be true
if the exploited code could simply call requestFeature() first, and
then use the feature.

/ Jonas
Received on Tuesday, 2 June 2009 17:20:06 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:12:53 UTC