On Wed, 08 Sep 2010 01:09:13 +0200, Jian Li jia...@chromium.org wrote:
Several specs, like File API and WebGL, use ArrayBuffer, while other
spec, like XMLHttpRequest Level 2, use ByteArray. Should we change to
use the same name all across our specs? Since we define ArrayBuffer in
the Typed
On Tue, 07 Sep 2010 22:57:27 +0200, Adam Barth w...@adambarth.com wrote:
It sounds like CSP is creating sub-origin privileges. Sub-origin
privileges don't really work, so it's unclear to what a sensible
result would be.
This is a problem with your alternative CSP proposal as well, no?
On Wed, Sep 8, 2010 at 2:10 AM, Anne van Kesteren ann...@opera.com wrote:
On Tue, 07 Sep 2010 22:57:27 +0200, Adam Barth w...@adambarth.com wrote:
It sounds like CSP is creating sub-origin privileges. Sub-origin
privileges don't really work, so it's unclear to what a sensible
result would be.
On Wed, 08 Sep 2010 11:20:30 +0200, Adam Barth w...@adambarth.com wrote:
The goal of AllowedScripts is not to limit a privilege to a subset of
an origin. Rather, the goal is to prevent an attacker who can inject
markup into a document from executing script. Put another way, if
you're already
On Wed, 08 Sep 2010 01:19:17 +0200, Ian Hickson i...@hixie.ch wrote:
On Fri, 23 Jul 2010, Philip Jägenstedt wrote:
http://www.whatwg.org/specs/web-apps/current-work/multipage/video.html#attr-track-kind
The distinction between subtitles and captions isn't terribly clear.
It says that
On Tue, 07 Sep 2010 22:00:55 +0200, Boris Zbarsky bzbar...@mit.edu wrote:
On 9/7/10 3:29 PM, Aryeh Gregor wrote:
* Sniff only if Content-Type is typical of what popular browsers serve
for unrecognized filetypes. E.g., only for no Content-Type,
text/plain, or application/octet-stream, and only
On Wed, Sep 8, 2010 at 2:27 AM, Philip Jägenstedt phil...@opera.com wrote:
On Wed, 08 Sep 2010 01:19:17 +0200, Ian Hickson i...@hixie.ch wrote:
We could say that a custom voice has to start with some punctuation or
other, say :philip?
Yes, that would be better than numerical voices IMO.
On 07.09.2010 22:00, Boris Zbarsky wrote:
...
* If a file in a top-level browsing context is sniffed as video but
then some kind of error is returned before the video plays the first
frame, fall back to allowing the user to download it, or whatever the
usual action would be if no sniffing had
On Sep 8, 2010, at 12:13 AM, Anne van Kesteren wrote:
On Wed, 08 Sep 2010 01:09:13 +0200, Jian Li jia...@chromium.org wrote:
Several specs, like File API and WebGL, use ArrayBuffer, while other spec,
like XMLHttpRequest Level 2, use ByteArray. Should we change to use the same
name all
On Wed, 08 Sep 2010 17:22:44 +0200, Chris Marrin cmar...@apple.com wrote:
On Sep 8, 2010, at 12:13 AM, Anne van Kesteren wrote:
On Wed, 08 Sep 2010 01:09:13 +0200, Jian Li jia...@chromium.org wrote:
Several specs, like File API and WebGL, use ArrayBuffer, while other
spec, like
The problem with throwing an exception is that it's fairly common for code to
end up accidentally producing a NaN or Infinite value, and throwing an
exception would prevent all subsequent drawing from occurring.
I suggested this behaviour a long time ago after running into yet another piece
of
On Wed, Sep 8, 2010 at 2:24 AM, Anne van Kesteren ann...@opera.com wrote:
On Wed, 08 Sep 2010 11:20:30 +0200, Adam Barth w...@adambarth.com wrote:
The goal of AllowedScripts is not to limit a privilege to a subset of
an origin. Rather, the goal is to prevent an attacker who can inject
markup
I want to know the differences between these HTML5 drafts( I don't want to
know more details about the differences, and just want to know the major
changes),
Could someone know where to find such Information?
Thanks
what about don't sniff if the HTML gave you a mime type (i.e. a source
element with a type attribute), or at least don't sniff for the purposes of
determining CanPlay, dispatch, if the HTML source gave you a mime type?
On Sep 8, 2010, at 2:33 , Philip Jägenstedt wrote:
On Tue, 07 Sep 2010
On Wed, Sep 8, 2010 at 10:11 AM, zhao Matt mattzhao...@gmail.com wrote:
I want to know the differences between these HTML5 drafts( I don't want to
know more details about the differences, and just want to know the major
changes),
Could someone know where to find such Information?
Which
On Wed, Sep 8, 2010 at 9:45 AM, Oliver Hunt oli...@apple.com wrote:
The problem with throwing an exception is that it's fairly common for code to
end up accidentally producing a NaN or Infinite value, and throwing an
exception would prevent all subsequent drawing from occurring.
I believe
WHATWG version. thanks
On Thu, Sep 9, 2010 at 1:19 AM, Tab Atkins Jr. jackalm...@gmail.com wrote:
On Wed, Sep 8, 2010 at 10:11 AM, zhao Matt mattzhao...@gmail.com wrote:
I want to know the differences between these HTML5 drafts( I don't want
to
know more details about the differences, and
On Sep 8, 2010, at 10:20 AM, Eric Uhrhane wrote:
On Wed, Sep 8, 2010 at 9:45 AM, Oliver Hunt oli...@apple.com wrote:
The problem with throwing an exception is that it's fairly common for code
to end up accidentally producing a NaN or Infinite value, and throwing an
exception would prevent
http://html5.org/tools/web-apps-tracker shows recent changes (with diffs).
Mihai
On Wed, Sep 8, 2010 at 10:31 AM, zhao Matt mattzhao...@gmail.com wrote:
WHATWG version. thanks
On Thu, Sep 9, 2010 at 1:19 AM, Tab Atkins Jr. jackalm...@gmail.com wrote:
On Wed, Sep 8, 2010 at 10:11 AM, zhao
Also, I found a W3C draft's publication notes at
http://www.w3.org/TR/2008/NOTE-html5-pubnotes-20080610/.
However, I can't find other draft's publication notes.
On Thu, Sep 9, 2010 at 1:31 AM, zhao Matt mattzhao...@gmail.com wrote:
WHATWG version. thanks
On Thu, Sep 9, 2010 at 1:19 AM, Tab
On Wed, 08 Sep 2010 19:39:18 +0200, zhao Matt mattzhao...@gmail.com
wrote:
Also, I found a W3C draft's publication notes at
http://www.w3.org/TR/2008/NOTE-html5-pubnotes-20080610/.
However, I can't find other draft's publication notes.
I think pubnotes haven't been written for other drafts
On Tue, Sep 7, 2010 at 4:09 PM, Jian Li jia...@chromium.org wrote:
Hi,
Several specs, like File API and WebGL, use ArrayBuffer, while other spec,
like XMLHttpRequest Level 2, use ByteArray. Should we change to use the same
name all across our specs? Since we define ArrayBuffer in the Typed
On 9/8/10 12:45 PM, Oliver Hunt wrote:
I suggested this behaviour a long time ago after running into yet
another piece of code that hit this case in webkit (back when the
spec said to throw an exception) yet firefox and opera did not throw.
In some cases firefox does throw, and in others it
Thanks. I am a newbie ;)
BTW, some revisions(e.g. 5443, 5439) are displayed in red background. What
does it mean?
When I click a revision's URL,
e.g. http://html5.org/tools/web-apps-tracker?from=5442to=5443
The web page is strangely displayed. My browser is Firefox 3.6, need I use
other
On Wed, Sep 8, 2010 at 10:33 AM, Oliver Hunt oli...@apple.com wrote:
In a lot of cases all you want to do is ignore NaN and Infinite values,
otherwise you basically have to prepend every call to canvas with NaN and
Infinity checks if you're computing values unless you can absolutely
thanks
On Thu, Sep 9, 2010 at 1:43 AM, Simon Pieters sim...@opera.com wrote:
On Wed, 08 Sep 2010 19:39:18 +0200, zhao Matt mattzhao...@gmail.com
wrote:
Also, I found a W3C draft's publication notes at
http://www.w3.org/TR/2008/NOTE-html5-pubnotes-20080610/.
However, I can't find other
On 9/8/10 1:33 PM, Oliver Hunt wrote:
Additionally there is content that depends on the non-throwing behaviour, in
webkit we had to drop the exceptions that we threw due to content that worked
in firefox because of the absence of exceptions.
I'm really curious about this claim. Looking at
On 9/8/10 11:05 AM, Julian Reschke wrote:
It's not that hard if it's acceptable to restart the network request
(just do it again, with a flag not-to-sniff).
It's common enough to not be ok to restart, though. And even the
restart behavior can be pretty complicated, since it requires not just
On Sep 8, 2010, at 9:44 AM, Simon Pieters wrote:
On Wed, 08 Sep 2010 17:22:44 +0200, Chris Marrin cmar...@apple.com wrote:
On Sep 8, 2010, at 12:13 AM, Anne van Kesteren wrote:
On Wed, 08 Sep 2010 01:09:13 +0200, Jian Li jia...@chromium.org wrote:
Several specs, like File API and
On Wed, 08 Sep 2010 20:13:19 +0200, Chris Marrin cmar...@apple.com wrote:
ArrayBuffer certainly has momentum behind it. It started as a part of
the WebGL spec as a way of passing buffers of data of various types
(sometimes heterogeneous types) to the WebGL engine. Since then, it
has found
On Sep 8, 2010, at 11:13 AM, Chris Marrin wrote:
Web Sockets is certainly another candidate, but I meant Web Workers. There
have been informal discussions on using ArrayBuffers as a way to safely share
binary data between threads. I don't believe anything has been formalized
here.
You
On Sep 8, 2010, at 11:00 AM, Boris Zbarsky wrote:
On 9/8/10 12:45 PM, Oliver Hunt wrote:
I suggested this behaviour a long time ago after running into yet
another piece of code that hit this case in webkit (back when the
spec said to throw an exception) yet firefox and opera did not throw.
On Wed, Sep 8, 2010 at 11:21 AM, Oliver Hunt oli...@apple.com wrote:
On Sep 8, 2010, at 11:13 AM, Chris Marrin wrote:
Web Sockets is certainly another candidate, but I meant Web Workers. There
have been informal discussions on using ArrayBuffers as a way to safely
share binary data between
On Sep 8, 2010, at 11:21 AM, Oliver Hunt wrote:
On Sep 8, 2010, at 11:13 AM, Chris Marrin wrote:
Web Sockets is certainly another candidate, but I meant Web Workers. There
have been informal discussions on using ArrayBuffers as a way to safely
share binary data between threads. I don't
On Wed, Sep 8, 2010 at 11:00 AM, zhao Matt mattzhao...@gmail.com wrote:
Thanks. I am a newbie ;)
BTW, some revisions(e.g. 5443, 5439) are displayed in red background. What
does it mean?
The color is an indication of the type of edit. If you hover the link
in the revision message, you'll see
On 09/07/2010 09:29 PM, Aryeh Gregor wrote:
I'm not a fan of sniffing, but I'm also not a fan of blindly believing
clearly wrong MIME types
Who decides what is clearly wrong? Perhaps I *meant* to serve a
non-video file with something that looks a fingerprint from a video
format at the top.
On Tue, Sep 7, 2010 at 4:00 PM, Boris Zbarsky bzbar...@mit.edu wrote:
On 9/7/10 3:29 PM, Aryeh Gregor wrote:
* Sniff only if Content-Type is typical of what popular browsers serve
for unrecognized filetypes. E.g., only for no Content-Type,
text/plain, or application/octet-stream, and only if
On 9/8/10 2:22 PM, Oliver Hunt wrote:
I can see a number of canvas discussions in late 2007/early 2008 on the whatwg
list, so i presume that covers some of it.
OK. All versions of Firefox threw at that point.
It also only leads to incorrect rendering if the behaviour if it's unexpected.
On 9/8/10 3:58 PM, Aryeh Gregor wrote:
And the problem is that you don't want to keep the data handy in case
it fails?
Yes. The problem is that I don't want to have to buffer up
potentially-arbitrary amounts of data.
Yes. Undocumented sniffing behaviour has caused many vulnerabilities, as
On Fri, 3 Sep 2010, Henri Sivonen wrote:
When evaluating a parser-inserted script, there are three potential script
global objects to use:
1) The script global object of the document whose active parser the parser
that inserted the script is.
2) The script global object of the document
On Wed, Sep 8, 2010 at 9:02 PM, Boris Zbarsky bzbar...@mit.edu wrote:
On 9/8/10 2:22 PM, Oliver Hunt wrote:
One old case that failed in the presence of exceptions was the old canvex
demo at http://canvex.lazyilluminati.com/83/play.xhtml - this was one of the
first cases i saw after trying to
On Thu, Sep 9, 2010 at 4:37 AM, Chris Marrin cmar...@apple.com wrote:
On Sep 8, 2010, at 11:21 AM, Oliver Hunt wrote:
On Sep 8, 2010, at 11:13 AM, Chris Marrin wrote:
Web Sockets is certainly another candidate, but I meant Web Workers.
There have been informal discussions on using
On Sep 8, 2010, at 12:58 , Aryeh Gregor wrote:
On Wed, Sep 8, 2010 at 1:14 PM, David Singer sin...@apple.com wrote:
what about don't sniff if the HTML gave you a mime type (i.e. a source
element with a type attribute), or at least don't sniff for the purposes of
determining CanPlay,
On 9/8/10 7:04 PM, Philip Taylor wrote:
I think the relevant bug is
https://bugs.webkit.org/show_bug.cgi?id=13537 which was actually
caused by passing 0 sizes to drawImage, not by non-finite values.
Ah, yes. The drawImage size check for 0 in Gecko is still nonthrowing,
and has never thrown to
44 matches
Mail list logo