Re: [whatwg] JSONRequest

2006-03-13 Thread Alexey Feldgendler
On Sun, 12 Mar 2006 04:11:28 +0600, Douglas Crockford [EMAIL PROTECTED] wrote: I am proposing a new mechanism for doing data transport in Ajax/Comet applications. It is called JSONRequest. It is a minimal communications facility that can be exempted from the Same Origin Policy. You can read

Re: [whatwg] Internal character encoding declaration

2006-03-13 Thread Lachlan Hunt
Henri Sivonen wrote: If a meta element whose http-equiv attribute has the value Content-Type (compare case-insensitively) and whose content attribute has a value that begins with text/html; charset=, the string in the content attribute following the start text/html; charset= is taken, white

Re: [whatwg] Internal character encoding declaration

2006-03-13 Thread Henri Sivonen
On Mar 13, 2006, at 16:12, Lachlan Hunt wrote: Henri Sivonen wrote: Authors are advised not to use the UTF-32 encoding or legacy encodings. (Note: I think UTF-32 on the Web is harmful and utterly pointless, I agree about it being pointless, but why is it considered harmful? Opportunity

Re: [whatwg] Significant inline content vs. attributes and sectional elements

2006-03-13 Thread Henri Sivonen
On Mar 10, 2006, at 00:08, Ian Hickson wrote: Exceptions: base target may mean that base should have either href or target. I just realized that if the base element has attributes other than href, for example id or class, there is no way to serialize those attributes in conforming XHTML5.

Re: [whatwg] JSONRequest

2006-03-13 Thread Darin Fisher
Gervase Markham wrote: Darin Fisher wrote: Backing up a second, I think what we need is a way to grant websites the ability to control who may access their resources. It'd be ideal if the browser had a way to ask the server for the list of hosts (or domains) that are permitted to access it.

Re: [whatwg] JSONRequest

2006-03-13 Thread Douglas Crockford
I am proposing a new mechanism for doing data transport in Ajax/Comet applications. It is called JSONRequest. It is a minimal communications facility that can be exempted from the Same Origin Policy. You can read about it here: http://json.org/JSONRequest.html Unfortunately your security

Re: [whatwg] The problem of duplicate ID as a security issue

2006-03-13 Thread Mihai Sucan
On Mon, 13 Mar 2006 10:16:55 +0200, Alexey Feldgendler [EMAIL PROTECTED] wrote: On Fri, 10 Mar 2006 17:49:17 +0600, Mihai Sucan [EMAIL PROTECTED] wrote: ... No, it's not really a change in getElementBy* functions. Because there have been no sandboxes before HTML 5, no one can really

Re: [whatwg] JSONRequest

2006-03-13 Thread Gervase Markham
Darin Fisher wrote: Keep in mind that there is also the problem that the POST request may have undesirable side-effects. The web app probably needs a request header from the browser to tell it what domain is sending it data. The Referer header is not sufficient since the browser will not

Re: [whatwg] JSONRequest

2006-03-13 Thread Jim Ley
On 3/13/06, Douglas Crockford [EMAIL PROTECTED] wrote: It provides this highly valuable service while introducing no new security vulnerabilities. is false, please remove it to avoid any confusion. It would be very helpful if you could list the situations that you have determined are

Re: [whatwg] [html5] html:style parsing

2006-03-13 Thread L. David Baron
On Saturday 2006-03-11 00:22 +, Ian Hickson wrote: On Fri, 4 Nov 2005, L. David Baron wrote: On Monday 2005-10-31 10:53 +1100, Lachlan Hunt wrote: The current web-apps draft: | For styling languages that consist of pure text, user agents must use | a concatenation of the

Re: [whatwg] [html5] html:style parsing

2006-03-13 Thread Ian Hickson
On Mon, 13 Mar 2006, L. David Baron wrote: STYLE and SCRIPT elements have similar parsing rules in tag-soup HTML, where everything is treated as text until /style or /script. This is why you see an alert with stuff that looks like tags in: