On Wed, 09 May 2007 21:28:12 +0200, Ian Hickson <[EMAIL PROTECTED]> wrote:
In 2.1, ""deny" rules can be used by authors to deny read access from
external resources to the entire server a simple way without having to
check each individual XML resource that may have <?access-control?>
processing instructions specified." is somewhat confusing to a first time
reader because the PI hasn't yet been met.
In fact it's still confusing to me now. I think your prepositions are all
wrong. I'm not really sure what you're trying to say.
I tried to clarify it.
2.2 doesn't actually say that if the MUSTs are violated that the resource
is put in error.
You mean to make it more clear to authors? Because when something is
rejected is now determined by the algorithm in section 3.
In 3: "The match list and exclude list are both unordered lists of access
items." -- "the" match list? "the" exclude list? There are 3 of each!
This should probably be in the plural or something.
Made the definitions plural.
Is there a difference between "terminate this algorithm" and "terminate
this algorithm (process the next list item)"?
I rewrote most of this sub algorithm handling to make it much more clear
(hopefully!) what needs to be done.
"user agents must grant access to the resource" can we make that a SHOULD
instead of a MUST?
Makes sense, addressed.
It isn't completely clear to me what the "overall algorithm" is. The
sub-algorithms have <ol>s, maybe the overall algorithm should too? I
don't know.
I put it <ol>. It probably needs some further tweaking to make it clear
when it's invoked and such.
I can't really comment on the "match" algorithm because I don't know what
Request URL is supposed to be. For example, is it expected to be an
absolute URL always, or can it be relative? What does it mean for the
origin not to have a scheme? Why would you ignore the scheme if it's not
followed by "://" ? How can it not have a port? Are non-host-based-
authority schemes allowed?
Step 9 doesn't specify the order.
I tried to fix these as well. See:
http://dev.w3.org/cvsweb/~checkout~/2006/waf/access-control/Overview.html?content-type=text/html;%20charset=utf-8
--
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
