- From: Marcos Caceres <marcosc@opera.com>
- Date: Sun, 16 May 2010 17:46:50 +0200
- To: nathan@webr3.org
- Cc: public-webapps <public-webapps@w3.org>
Hi Nathan, On Sun, May 16, 2010 at 1:03 AM, Nathan <nathan@webr3.org> wrote: > Hi All, > > I've been trying to find out if any of the / which common browsers support > widgets, or plan to. > > The best I've been able to find so far is a chart in the widgets-landscape > doc [1] from over 2 years ago. See also the more up to date - contains all known implementations but not their level of conformance: http://www.w3.org/2008/webapps/wiki/WidgetImplementation For some conformance info, see the following (result sets are provided/maintained by each implementer): http://dev.w3.org/2006/waf/widgets/imp-report/ > If widget support is planned or implemented in any of the major browsers, > could somebody indicate (or point me to a document which indicates) how the > browser handles a non-embedded widget. > > Namely if I create a widget entirely out of HTML5 & JS, wrap it up and sign > it, then point a browser to the URI where it can be located, will it > download and run in the main browser window, or other? It would normally be run outside the browser, but the spec does not restrict it from running inside a browser window. http://www.w3.org/TR/widgets/#media-type-registration-for-applicationw > Additionally, under what security model would it run, would CORS/UMP etc > still apply as this seems to be at odds with the Widget Access Request > Policy [2]. Again, this is up to the UA. A UA that downloads an embeds a widget in a document, could use the origin to impose the same origin policy - hence CORS/UMP applies and WARP can be ignored. In cases where the origin is unknown, then WARP applies. > [1] http://dev.w3.org/2006/waf/widgets-land/#introduction > [2] http://dev.w3.org/2006/waf/widgets-access/ HTH! Marcos -- Marcos Caceres Opera Software ASA, http://www.opera.com/ http://datadriven.com.au
Received on Sunday, 16 May 2010 16:54:55 UTC