- From: Nathan <nathan@webr3.org>
- Date: Wed, 12 May 2010 19:10:27 +0100
- To: Anne van Kesteren <annevk@opera.com>
- CC: public-webapps <public-webapps@w3.org>
Anne van Kesteren wrote: > On Tue, 11 May 2010 07:10:59 +0200, Nathan <nathan@webr3.org> wrote: >> exactly, but the current set up stops xhr from getting resources that >> the could be retrieved from site A with wget - with an inverted model >> all the issues would disappear, leaving only one issue; namely >> informing sys admins that they must protected their resources that >> need protected - and this is their job after all. > > I'm sorry, but no, we cannot inform all sys admins all over the world > and hope they do the right thing. Inverting the model puts the user's > data at terrible risk. It is not going to happen. I'm going to suggest something that seems logical to me, but I'm probably way off target. It looks like a whole lot of work has gone in to the widgets specifications - and it looks like that caters for digital signing and has the Widget Access Request Policy, and for running js/html applications. So a couple of questions :) Do the major browser vendors plan to support widgets in the main UI window? How would CORS and WARP work together? and - is it a false path of hope for me to be thinking that I could make a JS/HTML5 application and have it run on the clients side, with no server dependencies, in all major browsers on all major platforms? Best, Nathan
Received on Wednesday, 12 May 2010 18:11:57 UTC