Re: Chromium's support for CORS and UMP

Anne van Kesteren wrote:
> On Tue, 11 May 2010 07:10:59 +0200, Nathan <> wrote:
>> exactly, but the current set up stops xhr from getting resources that 
>> the could be retrieved from site A with wget - with an inverted model 
>> all the issues would disappear, leaving only one issue; namely 
>> informing sys admins that they must protected their resources that 
>> need protected - and this is their job after all.
> I'm sorry, but no, we cannot inform all sys admins all over the world 
> and hope they do the right thing. Inverting the model puts the user's 
> data at terrible risk. It is not going to happen.

I'm going to suggest something that seems logical to me, but I'm 
probably way off target.

It looks like a whole lot of work has gone in to the widgets 
specifications - and it looks like that caters for digital signing and 
has the Widget Access Request Policy, and for running js/html applications.

So a couple of questions :)

Do the major browser vendors plan to support widgets in the main UI window?

How would CORS and WARP work together?

and - is it a false path of hope for me to be thinking that I could make 
a JS/HTML5 application and have it run on the clients side, with no 
server dependencies, in all major browsers on all major platforms?



Received on Wednesday, 12 May 2010 18:11:57 UTC