Re: Let's turn WebDatabase into a WG Note

On Fri, Nov 20, 2009 at 4:44 AM, Charles McCathieNevile cha...@opera.com wrote: On Fri, 20 Nov 2009 06:23:38 +0100, Adrian Bateman adria...@microsoft.com wrote: ...As I noted at TPAC, at Microsoft we don't think we'll collectively be able to achieve reasonable interop because of the SQL

Re: Security evaluation of an example DAP policy

On Fri, Nov 20, 2009 at 8:34 AM, Robin Berjon ro...@berjon.com wrote: On Nov 20, 2009, at 00:22 , Adam Barth wrote: It's emails like this that make me skeptical of the security work being done in the device APIs working group. *sigh* I feel like a broken record. It feels like I've spent my

File writing ponderings (was: Re: Security evaluation of an example DAP policy)

Starting a new thread since the other one was more of a meta-discussion, this one has more technical meat on it. On Fri, Nov 20, 2009 at 9:23 AM, Robin Berjon ro...@berjon.com wrote: On Nov 20, 2009, at 17:40 , Adam Barth wrote: On Fri, Nov 20, 2009 at 8:34 AM, Robin Berjon ro...@berjon.com

Re: File writing ponderings (was: Re: Security evaluation of an example DAP policy)

On Sat, Nov 21, 2009 at 12:26 AM, Jonas Sicking jo...@sicking.cc wrote: Hmm.. This is a very interesting idea. Definitely worth exploring more. What I had in mind was basically something like this: 1. An API for creating File objects by concatinating strings, Blobs, ByteArrays (or whatever

Re: [cors] Uniform Messaging, a CSRF resistant profile of CORS

On Fri, Nov 20, 2009 at 5:04 PM, Tyler Close tyler.cl...@gmail.com wrote: MarkM and I have produced a draft specification for the GuestXHR functionality we've been advocating. The W3C style specification document is attached. We look forward to any feedback on it. We agree with others that

[webdatabase] Why does W3C have to worry about SQL dialect?

Hello, I have a LAMP based database application without JS on my server (well, with PostgreSQL). Now I want to make it Ajax/Offline compliant. I've done all my data manipulation/querying with pre-coded SQL statements into the PHP application. In last week I've tried to find out the right way to

Re: [webdatabase] Why does W3C have to worry about SQL dialect?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dan Forsberg wrote: Hello, I have a LAMP based database application without JS on my server (well, with PostgreSQL). Now I want to make it Ajax/Offline compliant. I've done all my data manipulation/querying with pre-coded SQL statements into

Re: [cors] Uniform Messaging, a CSRF resistant profile of CORS

On Sat, Nov 21, 2009 at 12:39 AM, Jonas Sicking jo...@sicking.cc wrote: I've only had time for a quick scan, but this looks like a very good proposal. Thanks. Is there a reason why a full XMLHttpRequest API couldn't be used? I guess in its most simple incarnation things like setRequestHeader