W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2015

Re: CfC: FPWD of Entry Point Regulation

From: <chaals@yandex-team.ru>
Date: Thu, 30 Apr 2015 12:46:11 +0200
To: Anne van Kesteren <annevk@annevk.nl>, Brad Hill <hillbrad@gmail.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-Id: <203181430390771@webcorp01d.yandex-team.ru>
30.04.2015, 10:54, "Anne van Kesteren" <annevk@annevk.nl>:
> On Tue, Apr 28, 2015 at 10:20 PM, Brad Hill <hillbrad@gmail.com> wrote:
>> https://mikewest.github.io/webappsec/specs/epr/
>
> It's not entirely clear to me how the comments that were raised
> against the charter were addressed. This seems hurtful still to
> linking across the web. E.g. forcing users to enter through /.

Yeah, but the fact that user agents can ignore it is important... until we get websites that block if it isn't enforced.

Which makes the sites anti-web rather than the spec.

On the other hand, the fact that user agents aren't required to enforce anything (as the document reads now) makes me wonder if it can really achieve its stated goal. And what might be added to it between now and a request to advance it to CR.

cheers

--
Charles McCathie Nevile - web standards - CTO Office, Yandex
chaals@yandex-team.ru - - - Find more at http://yandex.com
Received on Thursday, 30 April 2015 10:46:44 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:12 UTC