- From: Tobie Langel <tobie@codespeaks.com>
- Date: Tue, 28 Jul 2015 11:39:42 +0200
- To: spec-prod@w3.org, W3C Team <w3t@w3.org>, Chairs <chairs@w3.org>, Systeam <w3t-sys@w3.org>
On Tue, Jul 28, 2015, at 11:22, Antonio Olmo Titos wrote: > Too often, we upload to w3.org new copies of JS resources that are > publicly available on the site already. Examples of those JS libraries > or files are: jQuery, Slidy, swfobject.js, MathJax, impress.js, Prism... > We commit those files, often in the exact same versions, when we create > specs, pages about events, group pages, staff-only pages, personal > pages, etc. Good idea. > We realise the current list is limited -- we included a few of the most > common libraries, but will add more in the future. What's your plan for versioning if any? > You are encouraged to link to any JS files there from any page *within > W3C space*. The JS files themselves are world-readable, so any visitor > of your pages will be able to retrieve them. > > This index page, on the other hand, we decided to keep staff-only for > now: there is some concern that if it were public, this repo would be > (mis)treated by some from non-W3C sites as a free CDN (which it is not). That seems like an excessive upfront concern that won't actually solve the problem (if there is one). What's to stop me from curling for lib names until I hit a 200 OK? You could also filter out requests using the HTTP_REFERER header if hot-linking really becomes a problem. > For more information, questions or suggestions, please read/contribute > on the wiki: https://www.w3.org/Team/wiki/JS , or drop us a line! This seems to be staff only. Suggest either opening it up or avoiding to mail public mailings lists about this. Best, --tobie
Received on Tuesday, 28 July 2015 09:40:10 UTC