- From: Tab Atkins Jr. <jackalmage@gmail.com>
- Date: Tue, 7 Jul 2009 10:09:23 -0500
- To: Bert Bos <bert@w3.org>
- Cc: www-font@w3.org
On Tue, Jul 7, 2009 at 4:44 AM, Bert Bos<bert@w3.org> wrote: > Tab Atkins Jr. wrote: > >> While I agree, are you trying to suggest that people think that >> CORS/same-origin restrictions carry ownership information with them in >> any way? > > "Ownership" isn't exactly the word I'm looking for, but the adoption of CORS > to express licenses implies that the author of http://example.com/A has a > certain right over http://example.com/B (or vice versa, depending on which > links to which). That would depend *only* on the similarity of their URLs, > CORS offers no way to negate that relation. As Aryeh says, this is true *most* of the time, or at least often enough to work in practice. > The Web architecture document[1] says that such inferences from URLs should > not be made. Two URLs are either the same or different. There is nothing in > between. > > [1] http://www.w3.org/TR/2004/REC-webarch-20041215/#uri-opacity In general, multiple features of the modern web privilege the origin section of a url specially. If that rec says differently, then it does not match reality. ~TJ
Received on Tuesday, 7 July 2009 15:10:21 UTC