Re: ACTION-146, propose spec text for Workers

On Mon, 25 Nov 2013, Anne van Kesteren wrote:
> On Thu, Nov 21, 2013 at 5:11 PM, Ian Hickson <ian@hixie.ch> wrote:
> > Why? You can easily define a blob:'s origin as being the origin 
> > registered for that blob: URL. It's just a lookup. You could even 
> > encode the origin directly into the URL (either opaquely or not), so 
> > that it wouldn't need to be expensive to look up.
> 
> That's an interesting model, but doesn't match the one written down: 
> https://tools.ietf.org/html/rfc6454#section-4
> 
> In addition, I'm not sure we want blob URLs to have an associated 
> origin. I think they should always be same-origin if you are holding 
> one.

As the guy who originally designed that algorithm: it wasn't ever intended 
that that algorithm be the final say on a URL's origin. It's just the 
default. There's already an exception for "file:" in step 4, we could 
easily add other exceptions. (In particular, I expect we would have to for 
a zip-based scheme, if we had one, for instance.)

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Monday, 25 November 2013 18:03:24 UTC