- From: Marcos Caceres <marcosc@opera.com>
- Date: Mon, 16 Mar 2009 16:00:39 +0100
- To: Robin Berjon <robin@berjon.com>
- Cc: "Hillebrand, Rainer" <Rainer.Hillebrand@t-mobile.net>, Arthur Barstow <art.barstow@nokia.com>, public-webapps <public-webapps@w3.org>
On Mon, Mar 16, 2009 at 3:44 PM, Robin Berjon <robin@berjon.com> wrote: > On Mar 16, 2009, at 15:06 , Hillebrand, Rainer wrote: >> >> Regarding "P&C spec - Mandatory config file", I would like to give more >> information about my concerns. >> >> According to the current "W3C Working Draft 9 March 2009", the config.xml >> file has a single mandatory element. This is the <widget> element. All its >> expected children elements and attributes are optional. Therefore I have got >> the impression that the config.xml file does not add any security. However, >> it will help to identify a zip archive as a widget if the media type and/or >> file extension are missing. >> >> To be clear, I do not have any objections against the config.xml file in >> general. I only have concerns regarding its potential to improve security. > > I would like to echo these concerns. I may have missed something but it is > still rather unclear to me how making config.xml required improves security. > I would expect there to be default, security-conscious options that would > apply irrespective of the presence of a config.xml document, and would also > be the default values for the elements it contains when they are absent. I > don't have an extremely strong opinion here, but I do see value in making > widget creation as simple as possible: at the simplest, just zip up that > index.svg file you have, rename the zip, and run with it. That's what we were thinking all along. Implementation experience has shown this level of simplicity to be problematic. Adding a config encourages developers to include some metadata. This is a good thing. > The use case of wanting to identify a widget that does not have the media > type or file extension seems to me tenuous at best. In fact, if I happen to > have a zip archive that happens to contain a config.xml I wouldn't want > anything to assume that it's a widget and I've somehow made a mistake. I > want it treated as a vanilla zip archive until such a time as I decide > otherwise. That's why the namespace is mandatory. That guarantees "widgetness", no? -- Marcos Caceres http://datadriven.com.au
Received on Monday, 16 March 2009 15:01:26 UTC