[widgets] WARP summary of issues, was Re: [WARP] error in spec

On 6/3/11 1:39 PM, Arthur Barstow wrote:
> Hi Marcos - given this spec is in the Candidate Recommendation state,
> before a CfC to publish a new LCWD is started, I think it would be
> helpful if you provided a list of the changes you propose and a short
> summary for each change. WDYT?
>
> I don't have a strong opinion on where the list of changes is documented
> but I think you previously included change lists in the spec itself and
> that would be fine here too.

ISSUE 1: Blocking is undefined.
The spec says:

""At runtime, when a network request is made from within the widget 
execution scope, the user agent matches it against the rules defined 
above, accepting it if it matches and blocking it if it doesn't."""

THE PROBLEM:
blocking is undefined (which has lead to interop issues).

SOLUTION:
The user agent MUST behave as if the resource was unreachable (i.e., as 
if a invalid http address had been given or a 4XX or 5XX had been 
returned). This should cause, for example, HTML's elements to fire 
"error" when they try to load.

For XHR, I think it's fine for a user agent to throw the SECURITY_ERR. 
This should be a RECOMMENDATION for user agents that implement XHR.

===
ISSUE 2: WARP is too strict

PROBLEM: WARP rejects URLs too aggressively. It should be more liberal 
in what it excepts.

SOLUTION: Parse URLs and just extract the useful bits (scheme, host, 
port). Discard the rest (path, iuserinfo, etc).

====
ISSUE 3: subdomains attribute is not parsed consistently

PROBLEM: subdomains attribute is not parsed the same way as other 
Boolean attributes defined in P&C. It should not reject the whole access 
request when the value is wrong.

SOLUTION: If subdomains is in error, then ignore it (and default to 
false). Don't reject the whole tag because of it.

Received on Friday, 3 June 2011 14:25:52 UTC