On Fri, May 25, 2012 at 7:39 AM, Marcos Caceres <[email protected]> wrote: > On Sunday, May 13, 2012 at 5:47 PM, Anant Narayanan wrote: >> > > installs_allowed_from: An array of origins that are allowed to trigger >> > > installation of this application. This field allows the developer to >> > > restrict installation of their application to specific sites. If the >> > > value is omitted, installs are allowed from any site. >> > >> > How are origins parsed? >> >> I'm not sure what the question means, but origins are essentially a >> combination of [protocol]://[hostname]:[port]. Whenever an install is >> triggered, the UA must check if the origin of the page triggering the >> install is present in this array. * is a valid value for >> installs_allowed_from, in which case the UA may skip this check. > > By parsing I mean which ones win, which ones get discarded, what happens to > invalid ones, are they resolved already, etc. in the following: > > installs_allowed_from: [ " http://foo/ ", "bar://", 22, > "https://foo/bar/#*";, "http://foo:80/";, "wee!!!", "http://baz/hello there!", > "http://baz/hello%20there!";] > > And so on. So, all the error handling stuff. Or is a single error fatal?
I seem to have missed the context for this thread, but typically origins are not parsed. They're compared character-by-character to see if they're identical. If you have a URL, you can find its origin and then serialize it to ASCII or Unicode if you want to compare it with another origin. Adam
