Re: Mutation events replacement

On Fri, Jul 1, 2011 at 5:36 PM, Rafael Weinstein wrote: > We've been prototyping more useful higher-level semantics on top of > what we've proposed (akin to what you're asking about). In general, if > you want to know something correct about what happened to a tree from > state (a) to state (b) y

Re: Mutation events replacement

On Fri, Jul 1, 2011 at 4:15 PM, David Flanagan wrote: > On 7/1/11 4:09 PM, Ryosuke Niwa wrote: > > On Fri, Jul 1, 2011 at 3:47 PM, Rafael Weinstein wrote: >> >> If you want to discover mutations to nodes while outside the tree, >> then having a single subtree observer isn't sufficient. You'll nee

Re: Mutation events replacement

On 7/1/11 4:09 PM, Ryosuke Niwa wrote: On Fri, Jul 1, 2011 at 3:47 PM, Rafael Weinstein > wrote: If you want to discover mutations to nodes while outside the tree, then having a single subtree observer isn't sufficient. You'll need an attribute observer reg

Re: Mutation events replacement

On Fri, Jul 1, 2011 at 3:47 PM, Rafael Weinstein wrote: > > If you want to discover mutations to nodes while outside the tree, > then having a single subtree observer isn't sufficient. You'll need an > attribute observer registered on all elements reachable from the root. > I believe this is the s

Re: Mutation events replacement

On Fri, Jul 1, 2011 at 3:25 PM, David Flanagan wrote: > On 7/1/11 3:06 PM, Olli Pettay wrote: >> >> On 07/02/2011 12:59 AM, David Flanagan wrote: >>> >>> But, and I think this is an interesting but, what happens if a node is >>> removed from the document, has its attributes or data or children >>>

Re: Mutation events replacement

On 7/1/11 3:06 PM, Olli Pettay wrote: On 07/02/2011 12:59 AM, David Flanagan wrote: But, and I think this is an interesting but, what happens if a node is removed from the document, has its attributes or data or children changed and is then re-inserted into the document? If the node has no pare

Re: Mutation events replacement

On 07/02/2011 12:59 AM, David Flanagan wrote: On 7/1/11 2:06 PM, Rafael Weinstein wrote: On Fri, Jul 1, 2011 at 12:43 PM, David Flanagan wrote: As I see it, the test of sufficiency of set of mutation event is if you can use them to mirror a document tree. And in my case I'm trying to do that a

Re: Mutation events replacement

On 7/1/11 2:06 PM, Rafael Weinstein wrote: On Fri, Jul 1, 2011 at 12:43 PM, David Flanagan wrote: As I see it, the test of sufficiency of set of mutation event is if you can use them to mirror a document tree. And in my case I'm trying to do that across a process boundary where I can't share n

Re: Mutation events replacement

On Fri, Jul 1, 2011 at 12:43 PM, David Flanagan wrote: > On 7/1/11 12:13 PM, Boris Zbarsky wrote: >> >> On 7/1/11 3:05 PM, David Flanagan wrote: >>> >>> I don't think I really explained my use case on this list. See >>> https://bugzilla.mozilla.org/show_bug.cgi?id=641821#c23 and >>> https://bugzil

Re: Mutation events replacement

On Fri, Jul 1, 2011 at 12:53 PM, David Flanagan wrote: > On 7/1/11 12:29 PM, Ryosuke Niwa wrote: > > I think this will be really hard to implement. For example, consider the > following code: > var parent = node.parentNode; > parent.removeChild(node); > setTimeout(function () {parent.appendChil

Re: Mutation events replacement

On 7/1/11 3:43 PM, David Flanagan wrote: Sure, but if there were multiple listeners on different subtrees, listening for different types of events, would you built up a custom mutation list for each one as the mutations were occuring? Or build up one master list and then filter it lazily when the

Re: Mutation events replacement

On 7/1/11 12:13 PM, Boris Zbarsky wrote: On 7/1/11 3:05 PM, David Flanagan wrote: I don't think I really explained my use case on this list. See https://bugzilla.mozilla.org/show_bug.cgi?id=641821#c23 and https://bugzilla.mozilla.org/show_bug.cgi?id=641821#c25 And https://bugzilla.mozilla.org/

Re: Mutation events replacement

On Fri, Jul 1, 2011 at 12:05 PM, David Flanagan wrote: > > The sketch that Rafael has provided does look like it would address my > needs. Not because all the mutations are batched into a single list (though > that seems like the most important feature of his proposal) but because his > example

Re: Mutation events replacement

On 7/1/11 3:05 PM, David Flanagan wrote: I don't think I really explained my use case on this list. See https://bugzilla.mozilla.org/show_bug.cgi?id=641821#c23 and https://bugzilla.mozilla.org/show_bug.cgi?id=641821#c25 And https://bugzilla.mozilla.org/show_bug.cgi?id=641821#c26 please > S

Re: Mutation events replacement

On 6/30/11 5:43 PM, Ryosuke Niwa wrote: On Thu, Jun 30, 2011 at 5:16 PM, Boris Zbarsky > wrote: On 6/30/11 7:01 PM, Ryosuke Niwa wrote: What do you mean by it being partially inserted? Like document relationship, etc... aren't consistent? That

RE: Publishing From-Origin Proposal as FPWD

The new WebAppSec WG charter draft does include a deliverable for secure mashups built with cross-domain framing, with the specific intent to put forward a proposal for anti-clickjacking in this space. However, I have concerns with nearly every aspect of this draft. First, I am concerned

[Bug 8241] Named properties on window

http://www.w3.org/Bugs/Public/show_bug.cgi?id=8241 Tony Ross [MSFT] changed: What|Removed |Added Status|RESOLVED|REOPENED CC|

Re: Publishing From-Origin Proposal as FPWD

On 6/30/11 10:31 PM, ext Daniel Veditz wrote: On 6/30/11 9:31 AM, Maciej Stachowiak wrote: On Jun 30, 2011, at 7:22 AM, Anne van Kesteren wrote: (Added public-web-security because of the potential for doing this in CSP instead. Though that would require a slight change of scope for CSP, which I

Re: [widgets] What is the status and plan for Widget URI spec?

On Jul 1, 2011, at 11:22 , Marcos Caceres wrote: > Want to add dereferencing model. Can be a new spec layered on top. > This would still be in scope of the charter, so it would not be an > issue to create a new spec. I reckon this doesn't need to be in a separate spec, it makes more sense to defi

Re: Indicating certificate order in XML Dig Sig

Marcos I have added a comment in our tracker tool regarding addition of an informative reference and link to XML Signature Best Practices to Introduction/References of XML Signature 1.1 (and implicitly XML Signature 2.0 as well). See LC-2504 : http://www.w3.org/2006/02/lc-comments-tracker/4245

TPAC2011 Meeting Registration Open; 31Oct - 4 Nov @ Santa Clara, CA

Below is some information about the W3C's 2011 Technical Plenary and all Working Group meeting week which is October 31 - November 4 in Santa Clara California: http://www.w3.org/2011/11/TPAC/#Finalized The current plan is for WebApps to only meet on Monday October 31. I created an agenda ou

Re: CORS Security Question

On Fri, Jul 1, 2011 at 1:41 AM, Anne van Kesteren wrote: > On Fri, 01 Jul 2011 09:48:43 +0200, Ashar Javed > wrote: >> >> If a server is returning (Access-Control-Allow-Origin: *) without setting >> the Origin header in HTTP request then can we say that server is not >> implementing CORS properly

Re: [widgets] What is the status and plan for Widget URI spec?

On Thu, Jun 30, 2011 at 1:44 PM, Robin Berjon wrote: > On Jun 29, 2011, at 16:33 , Arthur Barstow wrote: >> Robin - what is the status and plan for the Widget URI spec? >> >>  http://dev.w3.org/2006/waf/widgets-uri/ > > The status is that it's hanging on URI scheme registration. I'm afraid that I

Re: CORS Security Question

On Fri, 01 Jul 2011 09:48:43 +0200, Ashar Javed wrote: If a server is returning (Access-Control-Allow-Origin: *) without setting the Origin header in HTTP request then can we say that server is not implementing CORS properly? With the help of http://web-sniffer.net/, I randomly checked sit

CORS Security Question

Hi, If a server is returning (Access-Control-Allow-Origin: *) without setting the Origin header in HTTP request then can we say that server is not implementing CORS properly? With the help of http://web-sniffer.net/, I randomly checked sites (home pages only) for CORS and nearly 200 sites

Re: Mutation events replacement

On 30/06/11 22:42, Ryosuke Niwa wrote: On Thu, Jun 30, 2011 at 1:15 PM, David Flanagan > wrote: avoid the need to maintain a list of pending callbacks. Yeah, this is one reason I like Rafael's proposal of having a list of mutations. In many editing apps, you