Anne van Kesteren wrote:
On Fri, 08 Aug 2008 20:44:04 +0200, Jonas Sicking [EMAIL PROTECTED] wrote:
The big worry I have though is if there is any possibility to puny
encode the same origin in multiple ways (other than with or without
default port). This could lead to different UAs encoding
On Fri, 05 Sep 2008 09:43:29 +0200, Jonas Sicking [EMAIL PROTECTED] wrote:
The only thing that i _know_ of is that:
http://foo.com
and
http://foo.com:80
are the same origin but have different string representations.
Yes, authors would have to use the former. (The former is also what Origin
Anne van Kesteren wrote:
...
Using the latter is non-conforming for Origin and also non-conforming
for Access-Control-Allow-Origin, which per its current definition either
mathces Origin literally or is a wildcard. So currently RFC 2047
extensions are simply not supported (and not needeD) by
Anne van Kesteren wrote:
On Fri, 05 Sep 2008 09:43:29 +0200, Jonas Sicking [EMAIL PROTECTED] wrote:
http://foo.com
and
http://foo.com:80
are the same origin but have different string representations.
Yes, authors would have to use the former. (The former is also what
Origin will tell them
On Fri, 05 Sep 2008 14:42:45 +0200, Boris Zbarsky [EMAIL PROTECTED] wrote:
Anne van Kesteren wrote:
On Fri, 05 Sep 2008 09:43:29 +0200, Jonas Sicking [EMAIL PROTECTED]
wrote:
http://foo.com
and
http://foo.com:80
are the same origin but have different string representations.
Yes, authors
On Fri, 08 Aug 2008 20:44:04 +0200, Jonas Sicking [EMAIL PROTECTED] wrote:
The big worry I have though is if there is any possibility to puny
encode the same origin in multiple ways (other than with or without
default port). This could lead to different UAs encoding the same origin
in
Anne van Kesteren wrote:
On Wed, 30 Jul 2008 18:19:20 +0200, Jonas Sicking [EMAIL PROTECTED] wrote:
Please note that
Access-Control-Allow-Origin: url
is also allowed syntax. Where the url must contain only scheme, [host,
and port].
So the following syntax is allowed:
Anne van Kesteren wrote:
On Fri, 08 Aug 2008 08:28:48 +0200, Jonas Sicking [EMAIL PROTECTED] wrote:
Anne van Kesteren wrote:
My plan is to simply require Access-Control-Allow-Origin to hold the
ASCII serialization of an origin (see HTML5) and have a literal
comparison of that with the
On Fri, 08 Aug 2008 11:20:44 +0200, Julian Reschke [EMAIL PROTECTED]
wrote:
Anne van Kesteren wrote:
On Fri, 08 Aug 2008 08:28:48 +0200, Jonas Sicking [EMAIL PROTECTED]
wrote:
Anne van Kesteren wrote:
My plan is to simply require Access-Control-Allow-Origin to hold the
ASCII
On Fri, 08 Aug 2008 11:38:55 +0200, Jonas Sicking [EMAIL PROTECTED] wrote:
String comparison is not going to be ok either way. The following two
origins are equivalent:
http://www.foo.com
http://www.foo.com:80
My proposal was to treat those as non-equivalent. Basically, to require
Jonas Sicking wrote:
Anne van Kesteren wrote:
On Fri, 08 Aug 2008 11:38:55 +0200, Jonas Sicking [EMAIL PROTECTED]
wrote:
String comparison is not going to be ok either way. The following two
origins are equivalent:
http://www.foo.com
http://www.foo.com:80
My proposal was to treat those
On Wed, 30 Jul 2008 18:19:20 +0200, Jonas Sicking [EMAIL PROTECTED] wrote:
Please note that
Access-Control-Allow-Origin: url
is also allowed syntax. Where the url must contain only scheme, [host,
and port].
So the following syntax is allowed:
Access-Control-Allow-Origin:
Sunava Dutta wrote:
In offline conversations with Jonas on the topic of supporting the url
syntax I think Jonas mentioned a good point regarding supporting URL
for the private scenario. Namely, in caching scenarios allowing the
URL to be sent in the response header if mistakes happen (for
;
Gideon Cohn; public-webapps@w3.org; IE8 Core AJAX SWAT Team
Subject: Re: XDomainRequest Integration with AC
And note that this syntax should be supported even in the public data
scenario.
/ Jonas
Jonas Sicking wrote:
Please note that
Access-Control-Allow-Origin: url
is also allowed
PROTECTED]; Sharath Udupa; Zhenbin Xu; Gideon
Cohn; public-webapps@w3.org; IE8 Core AJAX SWAT Team
Subject: Re: XDomainRequest Integration with AC
On Jul 18, 2008, at 11:15 PM, Jonas Sicking wrote:
Maciej Stachowiak wrote:
On Jul 18, 2008, at 4:20 PM, Sunava Dutta wrote:
I'm in time pressure
[mailto:[EMAIL PROTECTED]
Sent: Saturday, July 19, 2008 9:32 PM
To: Jonas Sicking
Cc: Sunava Dutta; [EMAIL PROTECTED]; Sharath Udupa; Zhenbin Xu; Gideon
Cohn; public-webapps@w3.org; IE8 Core AJAX SWAT Team
Subject: Re: XDomainRequest Integration with AC
On Jul 18, 2008, at 11:15 PM, Jonas Sicking
Core AJAX SWAT Team
Subject: Re: XDomainRequest Integration with AC
On Jul 18, 2008, at 11:15 PM, Jonas Sicking wrote:
Maciej Stachowiak wrote:
On Jul 18, 2008, at 4:20 PM, Sunava Dutta wrote:
I'm in time pressure to lock down the header names for Beta 2 to
integrate XDR with AC. It seems
Adam Roben wrote:
On Jul 30, 2008, at 12:19 PM, Jonas Sicking wrote:
Please note that
Access-Control-Allow-Origin: url
is also allowed syntax. Where the url must contain only scheme, domain
and host.
Do you mean scheme, host, and port?
Yes :)
/ Jonas
-
From: Maciej Stachowiak [mailto:[EMAIL PROTECTED]
Sent: Saturday, July 19, 2008 9:32 PM
To: Jonas Sicking
Cc: Sunava Dutta; [EMAIL PROTECTED]; Sharath Udupa; Zhenbin Xu; Gideon
Cohn; public-webapps@w3.org; IE8 Core AJAX SWAT Team
Subject: Re: XDomainRequest Integration with AC
On Jul 18, 2008
Julian Reschke wrote:
Ian Hickson wrote:
On Mon, 21 Jul 2008, Julian Reschke wrote:
Ian Hickson wrote:
...
...which basically just says it's a valid URL if it's a valid URI or
IRI
(with some caveats in the case of IRIs to prevent legacy encoding
behaviour
from handling valid URLs in a
On Mon, 21 Jul 2008, Julian Reschke wrote:
...which basically just says it's a valid URL if it's a valid URI
or IRI (with some caveats in the case of IRIs to prevent legacy
encoding behaviour from handling valid URLs in a way that
contradicts the IRI spec). This doesn't
Ian Hickson wrote:
Non-ASCII characters in header values are by definition ISO-8859-1.
Well then the answer to your question is that you use ISO-8859-1 or
%-escaping. (And for legacy reasons, only %-escaping in the query part.)
Not sure what these legacy reasons have to do with AC. Also,
On Jul 20, 2008, at 12:09 PM, Jonas Sicking wrote:
Ian Hickson wrote:
On Sat, 19 Jul 2008, Jonas Sicking wrote:
According to the HTML5 spec space is a valid characted inside URLs.
That wasn't intentional -- can you point to where it says that? The
HTML5 spec relies on spaces not being
Maciej Stachowiak wrote:
On Jul 18, 2008, at 4:20 PM, Sunava Dutta wrote:
I’m in time pressure to lock down the header names for Beta 2 to
integrate XDR with AC. It seems no body has objected to Jonas’s
proposal. http://lists.w3.org/Archives/Public/public-webapps/2008JulSep/0175.html
Jonas Sicking wrote:
Maciej Stachowiak wrote:
On Jul 18, 2008, at 4:20 PM, Sunava Dutta wrote:
I’m in time pressure to lock down the header names for Beta 2 to
integrate XDR with AC. It seems no body has objected to Jonas’s
proposal.
I'm in time pressure to lock down the header names for Beta 2 to integrate XDR
with AC. It seems no body has objected to Jonas's proposal.
http://lists.w3.org/Archives/Public/public-webapps/2008JulSep/0175.html
Please let me know if this discussion is closed so we can make the change.
Namely,
Cc: public-webapps@w3.org; IE8 Core AJAX SWAT Team
Subject: XDomainRequest Integration with AC
I'm in time pressure to lock down the header names for Beta 2 to integrate XDR
with AC. It seems no body has objected to Jonas's proposal.
http://lists.w3.org/Archives/Public/public-webapps/2008JulSep
On Jul 18, 2008, at 4:20 PM, Sunava Dutta wrote:
I’m in time pressure to lock down the header names for Beta 2 to
integrate XDR with AC. It seems no body has objected to Jonas’s
proposal. http://lists.w3.org/Archives/Public/public-webapps/2008JulSep/0175.html
Please let me know if this
]; Sharath Udupa; Zhenbin Xu;
Gideon Cohn
Cc: public-webapps@w3.org; IE8 Core AJAX SWAT Team
Subject: XDomainRequest Integration with AC
I’m in time pressure to lock down the header names for Beta 2 to
integrate XDR with AC. It seems no body has objected to Jonas’s
proposal. http://lists.w3
]; [EMAIL
PROTECTED]mailto:[EMAIL PROTECTED]; Sharath Udupa; Zhenbin Xu; Gideon Cohn
Cc: public-webapps@w3.orgmailto:public-webapps@w3.org; IE8 Core AJAX SWAT Team
Subject: XDomainRequest Integration with AC
I'm in time pressure to lock down the header names for Beta 2 to integrate XDR
with AC
To: Eric Lawrence
Cc: Sunava Dutta; [EMAIL PROTECTED]; [EMAIL PROTECTED]; Sharath Udupa;
Zhenbin Xu; Gideon Cohn; public-webapps@w3.org; IE8 Core AJAX SWAT
Team
Subject: Re: XDomainRequest Integration with AC
On Jul 18, 2008, at 4:56 PM, Eric Lawrence wrote:
The specific concern
; [EMAIL PROTECTED]; [EMAIL PROTECTED]; Sharath Udupa; Zhenbin
Xu; Gideon Cohn; public-webapps@w3.org; IE8 Core AJAX SWAT Team
Subject: Re: XDomainRequest Integration with AC
On Jul 18, 2008, at 5:15 PM, Eric Lawrence wrote:
Can you elaborate on the scenario you're concerned about? I cannot think
Cohn;
public-webapps@w3.org; IE8 Core AJAX SWAT Team
Subject: Re: XDomainRequest Integration with AC
Maciej Stachowiak wrote:
On Jul 18, 2008, at 4:20 PM, Sunava Dutta wrote:
I'm in time pressure to lock down the header names for Beta 2 to
integrate XDR with AC. It seems no body has objected
33 matches
Mail list logo