On Wednesday 2006-08-02 14:10 -0400, Doug Schepers wrote: > Mr. Harold does not seem to care for the Access Control specification, using > such colorful language as "colossally brain damaged" and "the single most > broken security design I've seen in years". > > http://www.cafeconleche.org/oldnews/news2006May27.html
I think the complaint I'd take most seriously is the latter part of: # At best this is a very poorly written specification that doesn'tt # explain what it's actually trying to do. It would be good if "cross-site scripting" appeared in the document introduction rather than appearing only once in section three, since the point of it (as I understand it) is to allow a page to relax cross-site scripting restrictions on accessing it. -David -- L. David Baron <URL: http://dbaron.org/ > Technical Lead, Layout & CSS, Mozilla Corporation
pgpgRjffDOQ4S.pgp
Description: PGP signature
