Re: [XHR] SVG WG LC comments

2008-06-13 Thread Anne van Kesteren
not too important, determining the base URI seems important enough to justify this. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: Improving Communication and Expectations

2008-06-16 Thread Anne van Kesteren
fulfilled his actions in a timely and considerate manner. We have had plenty of telcons for Access Control, close to none (if not none) attended by Microsoft: http://www.google.com/search?q=WAF+WG+Access+Control+Voice+Conf -- Anne van Kesteren http://annevankesteren.nl/ http

Re: Opting in to cookies - proposal

2008-06-16 Thread Anne van Kesteren
makes more sense to me (and maybe allowing it to be influenced by a flag): http://lists.w3.org/Archives/Public/public-appformats/2008May/0007.html -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Plans for after F2F?

2008-06-17 Thread Anne van Kesteren
Hi, Is everyone leaving Thursday evening or Friday or some people staying until Saturday/Sunday? I'm trying to book flights and I'm not sure what return ticket to take. Cheers, -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: Opting in to cookies - proposal version 3

2008-06-19 Thread Anne van Kesteren
.) -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: ISSUE-5 (Unexpanded Entities): Wording for the Treatment of Unexpanded Entity References and Entity Replacement Markup [Element Traversal]

2008-06-22 Thread Anne van Kesteren
in the tree (or want your code to work whether or not you do). My proposal is indeed to fix DOM Core. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Update

2008-07-09 Thread Anne van Kesteren
of a problem. Also, technically it is the superior solution, which should take care of 2. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [selectors-api] Selectors API comments: section 2

2008-07-09 Thread Anne van Kesteren
any changes so in case of a language not supporting optional arguments I suggest that language picks the version with the most arguments. I rather not add additional IDL information for such languages as they're probably a 1% use case. -- Anne van Kesteren http://annevankesteren.nl/ http

Re: [access-control] Update

2008-07-09 Thread Anne van Kesteren
On Thu, 10 Jul 2008 01:13:52 +0200, Jonas Sicking [EMAIL PROTECTED] wrote: Anne van Kesteren wrote: This is exactly how postMessage() works and it seems nice to align with that. I am very strongly against this syntax as it gives a false sense of security. To the point where I don't think

Re: [selectors-api] What DOM feature Selectors API belongs to?

2008-07-14 Thread Anne van Kesteren
originally proposed this to Lachlan I suggested making it a feature for non-ECMAScript implementations. I agree that making it optional is not good. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [selectors-api] Investigating NSResolver Alternatives

2008-07-14 Thread Anne van Kesteren
On Mon, 14 Jul 2008 21:30:18 +0200, Boris Zbarsky [EMAIL PROTECTED] wrote: Anne van Kesteren wrote: How do I select all the inline SVG images on the page? div svg, p svg though it's not quite as thorough as your solution. Offhand, you're missing td, span, body to cover any sort

Re: [selectors-api] Investigating NSResolver Alternatives

2008-07-16 Thread Anne van Kesteren
van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: XDomainRequest Integration with AC

2008-08-07 Thread Anne van Kesteren
be fine I think. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: XDomainRequest Integration with AC

2008-08-08 Thread Anne van Kesteren
On Fri, 08 Aug 2008 11:20:44 +0200, Julian Reschke [EMAIL PROTECTED] wrote: Anne van Kesteren wrote: On Fri, 08 Aug 2008 08:28:48 +0200, Jonas Sicking [EMAIL PROTECTED] wrote: Anne van Kesteren wrote: My plan is to simply require Access-Control-Allow-Origin to hold the ASCII

Re: XDomainRequest Integration with AC

2008-08-08 Thread Anne van Kesteren
-Control-Allow-Origin to have the same value as Origin. (It seems that Ian has used this approach for WebSocket as well.) -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: ElementTraversal support in Firefox 3.1

2008-08-20 Thread Anne van Kesteren
the arguments about this being too complex to implement). Seems like an argument to drop the redundant childElementCount attribute... -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [selectors-api] Investigating NSResolver Alternatives

2008-08-20 Thread Anne van Kesteren
van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [selectors-api] What DOM feature Selectors API belongs to?

2008-08-20 Thread Anne van Kesteren
just reference DOM Level 2 Core? There's a lot in DOM Level 3 Core that's not really implemented yet or necessarily desirable. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: XDomainRequest Integration with AC

2008-08-26 Thread Anne van Kesteren
things simpler that seems better. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Proposal

2008-08-26 Thread Anne van Kesteren
On Tue, 15 Jul 2008 01:02:58 +0200, Anne van Kesteren [EMAIL PROTECTED] wrote: Since implementations need answers to various open issues soonish and I'm leaving on vacation roughly two days from now I'll propose various solutions here and try to integrate them in drafts later on: I made

[access-control] Publishing

2008-08-28 Thread Anne van Kesteren
draft is (still) here: http://dev.w3.org/2006/waf/access-control/ Kind regards, -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: Web IDL? An IDL for the Web?

2008-09-03 Thread Anne van Kesteren
in mind (or knew about it). -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XMLHttpRequest2] comments

2008-09-04 Thread Anne van Kesteren
On Mon, 11 Aug 2008 00:57:15 +0200, Anne van Kesteren [EMAIL PROTECTED] wrote: For when I next edit this draft (hopefully soon): * Origin header shouldn't point to the origin definition. * Exception codes need to be changed. (See XMLHTttpRequest Level 1.) * Upload notifications

Re: [XMLHttpRequest2] comments

2008-09-04 Thread Anne van Kesteren
On Thu, 04 Sep 2008 14:08:02 +0200, Anne van Kesteren [EMAIL PROTECTED] wrote: http://dev.w3.org/2006/webapi/XMLHttpRequest-2/ contains edits needed for this, as well as some other clarifications and updates from XMLHttpRequest Level 1. In fact, it might be worth publishing another copy

Re: [XHR2] upload complete flag

2008-09-04 Thread Anne van Kesteren
. Thanks! For reference, this was in reply to: http://lists.w3.org/Archives/Public/public-webapps/2008AprJun/0381.html http://lists.w3.org/Archives/Public/public-webapps/2008AprJun/0398.html -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR2] Editorial: OPENED State

2008-09-04 Thread Anne van Kesteren
an associated send() flag... Fixed, thanks. (Changed the list by the way from public-webapi to public-webapps.) -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: XDomainRequest Integration with AC

2008-09-05 Thread Anne van Kesteren
) by the specification. Given that interoperability on encoded-word is very poor I suggest we keep it that way. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

[xmlhttprequest2] timeout and JSON

2008-09-05 Thread Anne van Kesteren
that are necessary.) -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: XDomainRequest Integration with AC

2008-09-05 Thread Anne van Kesteren
On Fri, 05 Sep 2008 14:42:45 +0200, Boris Zbarsky [EMAIL PROTECTED] wrote: Anne van Kesteren wrote: On Fri, 05 Sep 2008 09:43:29 +0200, Jonas Sicking [EMAIL PROTECTED] wrote: http://foo.com and http://foo.com:80 are the same origin but have different string representations. Yes, authors

[xmlhttprequest2] loadend / done / ...

2008-09-08 Thread Anne van Kesteren
, no? That is, if load/abort/error are dispatched as the default action of loadend/done/..., of which I'm not sure it's a good idea. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR] Some comments on charset in the Content-Type header

2008-09-19 Thread Anne van Kesteren
setRequestHeader()... -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR] Some comments on charset in the Content-Type header

2008-09-19 Thread Anne van Kesteren
for not putting it there at all unless the media type is text or it is already present makes some sense though. In any case, my other example (JavaScript) remains. Is that being transmitted over XMLHttpRequest? And using a media type Internet Explorer does not support for ECMAScript? -- Anne van

Re: [XHR] Some comments on charset in the Content-Type header

2008-09-19 Thread Anne van Kesteren
On Fri, 19 Sep 2008 23:26:23 +0200, Boris Zbarsky [EMAIL PROTECTED] wrote: Anne van Kesteren wrote: Well, correcting charset is fine. The suggestion for not putting it there at all unless the media type is text or it is already present makes some sense though. I might be convinced

Re: [access-control] Implementation comments

2008-09-25 Thread Anne van Kesteren
Updated draft: http://dev.w3.org/2006/waf/access-control/ On Mon, 15 Sep 2008 17:08:20 +0200, Jonas Sicking [EMAIL PROTECTED] wrote: Anne van Kesteren wrote: It also seems arbitrary that depending on registered event listeners (also specifically before invoking send()) the server needs

Re: [access-control] Implementation comments

2008-09-26 Thread Anne van Kesteren
On Thu, 25 Sep 2008 19:12:54 +0200, Anne van Kesteren [EMAIL PROTECTED] wrote: On Thu, 25 Sep 2008 19:01:57 +0200, Jonas Sicking [EMAIL PROTECTED] wrote: We'd also need to do it if 'load' has been registered. I would in general say that we should force it if any events have been registered

Re: [access-control] Implementation comments

2008-09-29 Thread Anne van Kesteren
On Mon, 29 Sep 2008 18:03:43 -0400, Jonas Sicking [EMAIL PROTECTED] wrote: Anne van Kesteren wrote: Then I'll specify the former as special casing those methods here is something I rather not do. I'd much rather have addEventListener, addEventListenerNS, onprogress, etc. work consistently

Re: [access-control] Implementation comments

2008-09-29 Thread Anne van Kesteren
' as well, Why is that? so why not also 'loadstart' and 'error'. We could do that I suppose. It would require doing an origin check before returning on send() in the asynchronous case, but that shouldn't be much of an issue. -- Anne van Kesteren http://annevankesteren.nl/ http

[XHR2] XMLHttpRequest Level 2 WD Published

2008-10-06 Thread Anne van Kesteren
this draft is in flux, but it has one important feature that a previous version of this draft didn't have, namely a link to the Latest Editor Version, right at the top. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

[XHR2] Drop ByteArray?

2008-10-06 Thread Anne van Kesteren
. It would be nice to have access to the raw byte stream, as authors currently use ugly hacks to get to it, but higher level support for byte streams is somewhat of a prerequisite. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] non same-origin to same-origin redirect

2008-10-06 Thread Anne van Kesteren
On Fri, 03 Oct 2008 14:10:43 +0200, Anne van Kesteren [EMAIL PROTECTED] wrote: Since Jonas didn't e-mail about this I thought I would. Say http://x.example/x does a request to http://y.example/y. http://y.example/y redirects to http://x.example/y. If this request were to use the Access

Re: [XHR2] Drop ByteArray?

2008-10-06 Thread Anne van Kesteren
works ok in practice. Yeah, some collegues suggested it could indeed be as simple as CanvasPixelArray. Would be good to hear what the ECMAScript guys think. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Implementation comments (credentials flag)

2008-10-06 Thread Anne van Kesteren
the credentials flag part of the primary key everywhere. Indeed. It didn't seem to be worth the trouble to optimize for public non credentialed requests for URLs that already have a credentialed cache entry. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR2]

2008-10-07 Thread Anne van Kesteren
of is the editor's draft of XMLHttpRequest Level 1 (aka The XMLHttpRequest Object) and the other is for XMLHttpRequest Level 2. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

[access-control] registering headers

2008-10-08 Thread Anne van Kesteren
-message-headers/current/msg00094.html This is all just provisional registration for what it's worth. Permanent registration happens when the draft becomes a Recommendation. Kind regards, -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Origin: null versus Origin:

2008-10-09 Thread Anne van Kesteren
be able to change its origin property to use the string null in these cases too. If HTML5 were to change Access Control would also automatically change. However, browsers are already deploying this. Then again, I haven't actually tested if any browser does Origin correctly yet. -- Anne van

[access-control] Headers deprecated

2008-10-18 Thread Anne van Kesteren
starts to happen on the IETF headers mailing listthat needs addressing... PS: I haven't yet reviewed what Jonas and Arthur have suggested. I will try to get on that soonish. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Seeking Clarification and Status of Issues #25, #26, #29, #30, #31 and #32

2008-10-21 Thread Anne van Kesteren
for now although the list is sort of open for modification. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: ISSUE-77 (XHR2+loadend): XMLHttpRequestEventTarget should have attribute EventListener onloadend [XHR2]

2008-10-23 Thread Anne van Kesteren
On product: XHR2 XHR2/upload should probably have onloadend attribute. The spec should also mention when to dispatch loadend (maybe it is enough to refer to Progress Events spec) What is the use case for loadend? -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: FileUpload Spec | Editor's Draft | Re: Call for Consensus: a new WD of the File Upload spec

2008-10-23 Thread Anne van Kesteren
. The ability to split up a large file in a number of smaller files so you can e.g. resume upload if something goes wrong from a particular point was important. Everyone was ok with having access to the file data be asynchronous as far as I could tell. -- Anne van Kesteren http

Re: ISSUE-77 (XHR2+loadend): XMLHttpRequestEventTarget should have attribute EventListener onloadend [XHR2]

2008-10-23 Thread Anne van Kesteren
On Thu, 23 Oct 2008 13:21:37 +0200, Anne van Kesteren [EMAIL PROTECTED] wrote: On Thu, 23 Oct 2008 13:13:33 +0200, Web Applications Working Group Issue Tracker [EMAIL PROTECTED] wrote: XHR2/upload should probably have onloadend attribute. The spec should also mention when to dispatch

Re: New Progress draft (1.25)...

2008-10-23 Thread Anne van Kesteren
? I.e. why would you want to prevent abort/error/load from firing? I do like the symmetry in the current proposal where loadstart is the first thing that fires, and loadend is the last thing. Seems very intuitive. I agree that dispatching loadend last makes sense. -- Anne van Kesteren http

Re: [XHR] security issue with spec's same-origin and the Document pointer

2008-11-21 Thread Anne van Kesteren
not be thrown during the open() method invocation as the specification requires? -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR] security issue with spec's same-origin and the Document pointer

2008-11-23 Thread Anne van Kesteren
On Sun, 23 Nov 2008 18:13:41 +0100, Hallvord R. M. Steen [EMAIL PROTECTED] wrote: On Fri, 21 Nov 2008 21:14:59 +0100, Anne van Kesteren [EMAIL PROTECTED] wrote: var xhrConstructor = iframe.contentWindow.XMLHttpRequest; iframe.src='http://attackee.example.com/'; . . var xhr = new

Re: XHR and AC4CSR Status [Was: [admin] Publishing moratorium for rest of 2008 - December 18 Deadline]

2008-11-27 Thread Anne van Kesteren
December 18 sounds good to me. Kind regards, -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR] IDL namespace

2008-12-02 Thread Anne van Kesteren
for Selectors-API: what module/java-package will it be in? I'd hope non-ECMAScript languages have a better API for dealing with HTTP :-) In other words, does it really matter? -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [selectors-api] SVG WG Review of Selectors API

2008-12-09 Thread Anne van Kesteren
are not enforced (per specification), yet are RFC 2119 MUST requirements in their respective specifications. (Though in case of scripting MUST requires solving a certain unsolvable problem, so maybe MUST is not that appropriate...) -- Anne van Kesteren http://annevankesteren.nl/ http

Re: [XHR] blocking httpOnly cookies

2008-12-10 Thread Anne van Kesteren
/show_bug.cgi?id=380418 This is the exact same approach Opera has been following for a while. I have made this a requirement in the XMLHttpRequest specifications (the draft versions, of course). -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XMLHttpRequest]HttpOnly cookies visibility in XMLHttpRequest

2008-12-10 Thread Anne van Kesteren
the httponly cookie note as it is no longer necessary. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR2] progress events dispatch rate

2008-12-10 Thread Anne van Kesteren
On Tue, 25 Nov 2008 21:18:44 +0100, Olli Pettay [EMAIL PROTECTED] wrote: Hi Anne, it would be great to get the 50ms to the draft spec ;) Fixed! (Been away for a while, hence the delay.) -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR] Error flag

2008-12-10 Thread Anne van Kesteren
this. It makes the IDL unreadable in my opinion and I believe it is not required in Web IDL (and if it is we should change that :-)). -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR] Error flag

2008-12-10 Thread Anne van Kesteren
On Wed, 10 Dec 2008 16:04:08 +0100, Anne van Kesteren [EMAIL PROTECTED] wrote: On Sun, 07 Dec 2008 23:14:34 +0100, Kartikaya Gupta [EMAIL PROTECTED] wrote: The editor's draft of the XHR spec doesn't say when to clear the error flag. Based on experimentation I'm guessing it's supposed

Re: [XHR] Error flag

2008-12-11 Thread Anne van Kesteren
assume you're sticking with your plan of not specifying a module/namespace? It seems like clutter to me. Can't we have a default module all W3C specifications use unless otherwise specified? -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: setRequestHeader underspecified - setting Accept header as an example

2008-12-26 Thread Anne van Kesteren
for actual header values, and make some sensible rules from that. It also says that UAs should have an Accept header of */* when they supply one. Does the server still give XML back in that scenario? -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: Use cases for Selectors-API

2008-12-27 Thread Anne van Kesteren
is) But most Web authors know Selectors (from CSS), but hardly know XPath. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: Do we need to rename the Origin header?

2009-01-13 Thread Anne van Kesteren
header be renamed to something other than Origin. I'm fine with renaming it to Access-Control-Request-Origin as far as the Access Control draft is concerned. Maciej, Sam, Adam? -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

[access-control] Rename spec?

2009-01-13 Thread Anne van Kesteren
, they're just opague strings, but at least making it more clear what the specification is about might help people. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Header definitions

2009-01-14 Thread Anne van Kesteren
://www.rfc-editor.org/rfc/rfc3864.txt -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Rename spec?

2009-01-14 Thread Anne van Kesteren
will most definitely not change and I wasn't planning on changing the names of definitions either, to be honest. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Access-Control-Allow-Origin: * and ascii-origin in IE8

2009-01-14 Thread Anne van Kesteren
of the API. (Of course, the semantics would be identical to what they are now.) -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Rename spec?

2009-01-14 Thread Anne van Kesteren
the difference. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [access-control] Access-Control-Allow-Origin: * and ascii-origin in IE8

2009-01-14 Thread Anne van Kesteren
to site C, the UA adds the header Origin: A, B This would mean significant changes to the draft which would not work well for Microsoft. Renaming I would like to consider, changing the semantics drastically seems out of order at this point. -- Anne van Kesteren http

Re: [access-control] Rename spec?

2009-01-14 Thread Anne van Kesteren
, things like https://google.com and http://google.com are same domain, but definitely not same origin. The distinction is pretty important. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Origin IETF draft

2009-01-17 Thread Anne van Kesteren
Hi Adam, I heard you might be going to work on an IETF draft for the Origin header which both HTML5 and CORS (formerly access-control) could reference? Is that still planned? Kind regards, -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: Origin IETF draft

2009-01-17 Thread Anne van Kesteren
for the draft is. For me it does not really matter where the Origin header is defined, although I suppose it would help HTML5 in a technical sense if it was defined in a standalone draft (although I suspect that HTML5 will have to depend on CORS anyway for some of its features). -- Anne van

[origin] Thoughts and comments

2009-01-24 Thread Anne van Kesteren
this? It might help to outline that in the draft. Thanks for working on this by the way! -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [WebIDL] Including other IDL fragments

2009-01-27 Thread Anne van Kesteren
interfaces will be in? That would save a lot of redundant data in the primary user of this specification, namely W3C specifications extending the dom module. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [selectors-api] SVG WG Review of Selectors API

2009-01-28 Thread Anne van Kesteren
the API more complex is not worth it. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: Explain intended use of Access-Control-Origin?

2009-02-06 Thread Anne van Kesteren
/2006/waf/access-control/#access-control-allow-origin-header -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

[cors] Updates

2009-02-09 Thread Anne van Kesteren
on the wording in the latest draft: http://dev.w3.org/2006/waf/access-control/ -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [cors] Updates

2009-02-09 Thread Anne van Kesteren
On Mon, 09 Feb 2009 14:25:37 +0100, Thomas Roessler t...@w3.org wrote: On 9 Feb 2009, at 13:57, Anne van Kesteren wrote: * There was a logic error in the cache processing model. I wonder whether that part of the spec is actually being implemented (or found useful by implementors

Re: [webidl] [Implements] extended attribute

2009-02-10 Thread Anne van Kesteren
it makes actual sense to use inheritance. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

[cors] ACTION-11 API use cases

2009-02-10 Thread Anne van Kesteren
I took a stab at ACTION-11 which is currently assigned to Maciej: http://www.w3.org/2008/webapps/track/actions/11 http://dev.w3.org/2006/waf/access-control/#use-cases If this is good enough I suggest we close the action. -- Anne van Kesteren http://annevankesteren.nl/ http

Re: [cors] ACTION-11 API use cases

2009-02-10 Thread Anne van Kesteren
/CR-xbl-20070316/#security and maybe some discussion with Ian regarding this. It's been a while. Does that help? -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [XHR2] Progress events during synchronous requests

2009-02-12 Thread Anne van Kesteren
are dispatched is because Internet Explorer already did that. -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

[cors] cache-max-age: just 86400s?

2009-02-12 Thread Anne van Kesteren
it a recommendation in the specification (i.e. a should-level requirement). -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: DOMTimeStamp binding

2009-02-12 Thread Anne van Kesteren
IDL anyway.) -- Anne van Kesteren http://annevankesteren.nl/ http://www.opera.com/

Re: [cors] cache-max-age: just 86400s?

2009-02-25 Thread Anne van Kesteren
On Fri, 13 Feb 2009 04:57:19 +0900, Jonas Sicking jo...@sicking.cc wrote: On Thu, Feb 12, 2009 at 8:19 AM, Anne van Kesteren ann...@opera.com wrote: The specification does not state it yet, but it has been suggested that the maximum time any cache entry can persist in the preflight result

Re: [cors] Status

2009-02-25 Thread Anne van Kesteren
Here is an update on my last status messsage. On Mon, 09 Feb 2009 21:43:54 +0900, Anne van Kesteren ann...@opera.com wrote: [...] I would very much appreciate it if people involved in CORS (and other interested parties of course) can read through this e-mail and share their thoughts

Re: [cors] Updates

2009-02-25 Thread Anne van Kesteren
On Mon, 09 Feb 2009 21:57:47 +0900, Anne van Kesteren ann...@opera.com wrote: After renaming the specification I decided to go through the normative parts of the specification again to clean various things up and resolve some outstanding issues. Since the October 6 editor's draft (last

Re: [xhr2] Redirect during send question

2009-02-26 Thread Anne van Kesteren
On Wed, 25 Feb 2009 14:34:19 +0900, David Levin le...@chromium.org wrote: Just to round out the thread :), I fixed my test for IE and found that IE7 also throws an exception in this case. So all is good, right? :-) -- Anne van Kesteren http://annevankesteren.nl/

Re: [cors] Status

2009-03-02 Thread Anne van Kesteren
.org/mid/op.upwgh60b64w...@annevk-t60.oslo.opera.com I closed them apart from the action assigned to you. -- Anne van Kesteren http://annevankesteren.nl/

Re: [CORS] Charset in content type

2009-03-16 Thread Anne van Kesteren
but lower case here. Media types are ASCII case-insensitive. E.g. if someone does setRequestHeader(Content-type, TEXT/Plain) that should just work. -- Anne van Kesteren http://annevankesteren.nl/

Re: [XHR2] Upload events flag

2009-03-16 Thread Anne van Kesteren
events will only be dispatched if a preflight request was made. -- Anne van Kesteren http://annevankesteren.nl/

Re: [CORS] Charset in content type

2009-03-16 Thread Anne van Kesteren
want to do normalization of media types it seems better to do that in XMLHttpRequest, no? -- Anne van Kesteren http://annevankesteren.nl/

Re: [cors] Redirects and preflights

2009-03-16 Thread Anne van Kesteren
misunderstands the HTTP protocol by treating all redirects as redirects of the request, whereas many of them are just redirects of the response. Fair enough. Do you have specific suggestions for how we should handle them instead? -- Anne van Kesteren http://annevankesteren.nl/

Re: [CORS] Charset in content type

2009-03-17 Thread Anne van Kesteren
On Mon, 16 Mar 2009 11:12:01 -, Anne van Kesteren ann...@opera.com wrote: On Mon, 16 Mar 2009 12:07:22 +0100, Alexey Proskuryakov a...@webkit.org wrote: I think that the algorithm can only compare MIME types, not the full Content-Type string. I guess that makes sense. I made

[cors] Redirects

2009-03-17 Thread Anne van Kesteren
not been checked prior to the request. I think doing what the specification suggests here is safest. Overall, I still think that the only change we possibly want to make is for preflight requests. I'd appreciate feedback! -- Anne van Kesteren http://annevankesteren.nl/

Re: [cors] Redirects

2009-03-17 Thread Anne van Kesteren
On Tue, 17 Mar 2009 21:50:21 +0100, Anne van Kesteren ann...@opera.com wrote: * cross-origin request with preflight, actual request If we want to follow redirects here at all we can only do it for requests that do not require a preflight. Therefore I'm still not quite convinced that we

Re: [cors] Redirects

2009-03-18 Thread Anne van Kesteren
On Tue, 17 Mar 2009 21:56:52 +0100, Anne van Kesteren ann...@opera.com wrote: On Tue, 17 Mar 2009 21:50:21 +0100, Anne van Kesteren ann...@opera.com wrote: * cross-origin request with preflight, actual request If we want to follow redirects here at all we can only do it for requests

Re: [XHR2] Upload progress events and simple cross-origin requests

2009-03-19 Thread Anne van Kesteren
there are other ways of doing this, who are we helping exactly by making things more complicated for developers, implementors, and the specification author? Certainly not the user, because he is vulnerable either way. -- Anne van Kesteren http://annevankesteren.nl/

  1   2   3   4   5   6   7   8   9   10   >