Re: [widgets] Minutes from 12 March 2009 Voice Conference

On Mon, Mar 16, 2009 at 3:44 PM, Robin Berjon <robin@berjon.com> wrote:
> On Mar 16, 2009, at 15:06 , Hillebrand, Rainer wrote:
>>
>> Regarding "P&C spec - Mandatory config file", I would like to give more
>> information about my concerns.
>>
>> According to the current "W3C Working Draft 9 March 2009", the config.xml
>> file has a single mandatory element. This is the <widget> element. All its
>> expected children elements and attributes are optional. Therefore I have got
>> the impression that the config.xml file does not add any security. However,
>> it will help to identify a zip archive as a widget if the media type and/or
>> file extension are missing.
>>
>> To be clear, I do not have any objections against the config.xml file in
>> general. I only have concerns regarding its potential to improve security.
>
> I would like to echo these concerns. I may have missed something but it is
> still rather unclear to me how making config.xml required improves security.
> I would expect there to be default, security-conscious options that would
> apply irrespective of the presence of a config.xml document, and would also
> be the default values for the elements it contains when they are absent. I
> don't have an extremely strong opinion here, but I do see value in making
> widget creation as simple as possible: at the simplest, just zip up that
> index.svg file you have, rename the zip, and run with it.

That's what we were thinking all along. Implementation experience has
shown this level of simplicity to be problematic. Adding a config
encourages developers to include some metadata. This is a good thing.

> The use case of wanting to identify a widget that does not have the media
> type or file extension seems to me tenuous at best. In fact, if I happen to
> have a zip archive that happens to contain a config.xml I wouldn't want
> anything to assume that it's a widget and I've somehow made a mistake. I
> want it treated as a vanilla zip archive until such a time as I decide
> otherwise.

That's why the namespace is mandatory. That guarantees "widgetness", no?


-- 
Marcos Caceres
http://datadriven.com.au

Received on Monday, 16 March 2009 15:01:26 UTC