On Mon, Jun 20, 2011 at 3:54 PM, Ian Hickson wrote:
>
> So the proposal that seems to address the most concerns raised in this
> thread would be to have postMessage() work like this:
>
> postMessage({ object }, [ array ]);
>
> ...with it resulting in an event that contains both {object} and [arr
On Tue, Jun 21, 2011 at 7:11 AM, Andres Riofrio wrote:
> On Mon, Jun 20, 2011 at 7:51 PM, Boris Zbarsky wrote:
>>
>> On 6/20/11 8:20 AM, Marcos Caceres wrote:
>>>
>>> Browser extensions are in every browser, so in a sense are part of the
>>> web platform.
>>
>> I strongly object to both this clai
On Tue, Jun 21, 2011 at 4:51 AM, Boris Zbarsky wrote:
> On 6/20/11 8:20 AM, Marcos Caceres wrote:
>>
>> Browser extensions are in every browser, so in a sense are part of the
>> web platform.
>
> I strongly object to both this claim and the idea that browser extension
> concerns should affect web-
http://www.w3.org/Bugs/Public/show_bug.cgi?id=11836
Ian 'Hixie' Hickson changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|
On Mon, Jun 20, 2011 at 7:51 PM, Boris Zbarsky wrote:
> On 6/20/11 8:20 AM, Marcos Caceres wrote:
>
>> Browser extensions are in every browser, so in a sense are part of the
>> web platform.
>>
>
> I strongly object to both this claim and the idea that browser extension
> concerns should affect w
On 6/20/11 8:20 AM, Marcos Caceres wrote:
Browser extensions are in every browser, so in a sense are part of the
web platform.
I strongly object to both this claim and the idea that browser extension
concerns should affect web-exposed APIs in general
The APIs exposed to browser extension
On 6/20/11 6:30 PM, Aryeh Gregor wrote:
I object to this. Web SQL Database was never interoperably
implemented, or adequately specified. Web Storage has been
implemented in every major browser for a few years, and tons of
content depends on it.
Note that there are currently major browsers tha
On Tue, Jun 21, 2011 at 8:06 AM, Glenn Maynard wrote:
> First-person games typically implement delta mouse movement by hiding
> the mouse cursor, warping the invisible cursor to the center of the
> screen when it moves, and monitoring the distance of mouse movement
> from the center of the screen
On Mon, Jun 20, 2011 at 5:14 PM, Gregg Tavares (wrk) wrote:
> On Mon, Jun 20, 2011 at 4:53 PM, Adam Barth wrote:
>> On Mon, Jun 20, 2011 at 3:30 PM, Tab Atkins Jr.
>> wrote:
>> > On Mon, Jun 20, 2011 at 3:26 PM, Olli Pettay
>> > wrote:
>> >> On 06/21/2011 01:08 AM, Tab Atkins Jr. wrote:
>> >>>
On Mon, Jun 20, 2011 at 4:53 PM, Adam Barth wrote:
> On Mon, Jun 20, 2011 at 3:30 PM, Tab Atkins Jr.
> wrote:
> > On Mon, Jun 20, 2011 at 3:26 PM, Olli Pettay
> wrote:
> >> On 06/21/2011 01:08 AM, Tab Atkins Jr. wrote:
> >>> On Mon, Jun 20, 2011 at 3:03 PM, Olli Pettay
> >>> wrote:
> On 0
On Mon, Jun 20, 2011 at 3:30 PM, Tab Atkins Jr. wrote:
> On Mon, Jun 20, 2011 at 3:26 PM, Olli Pettay wrote:
>> On 06/21/2011 01:08 AM, Tab Atkins Jr. wrote:
>>> On Mon, Jun 20, 2011 at 3:03 PM, Olli Pettay
>>> wrote:
On 06/21/2011 12:25 AM, Tab Atkins Jr. wrote:
> The use-case is non-f
So the proposal that seems to address the most concerns raised in this
thread would be to have postMessage() work like this:
postMessage({ object }, [ array ]);
...with it resulting in an event that contains both {object} and [array],
where everything in the array is transferred, and everyt
On Mon, Jun 20, 2011 at 1:48 PM, Tab Atkins Jr. wrote:
> A model which I suggested privately, and which I believe others have
> suggested publicly, is this:
>
> 1. While fullscreen is enabled, you can lock the mouse to the
> fullscreened element without a prompt or persistent message. A
> tempora
On Mon, 20 Jun 2011, Julian Reschke wrote:
> On 2011-06-20 13:58, Anne van Kesteren wrote:
> > On Mon, 20 Jun 2011 13:54:12 +0200, Julian Reschke
> > wrote:
> > > As recently discussed in the HTMLWG -- you can have Note that is
> > > normative; it's just a signal that work on this has ended.
> >
On Mon, Jun 20, 2011 at 7:01 AM, Arthur Barstow wrote:
> Given: Indexed Database API provides an alternative to Web Storage, the
> relative severity of this issue, there is no plan to fix this issue, _this
> is a Request for Comments to stop work on this spec and for [1] (or a
> similar fix to bug
On Mon, Jun 20, 2011 at 3:26 PM, Olli Pettay wrote:
> On 06/21/2011 01:08 AM, Tab Atkins Jr. wrote:
>> On Mon, Jun 20, 2011 at 3:03 PM, Olli Pettay
>> wrote:
>>> On 06/21/2011 12:25 AM, Tab Atkins Jr. wrote:
The use-case is non-fullscreen games and similar, where you'd prefer
to lock th
On 06/21/2011 01:08 AM, Tab Atkins Jr. wrote:
On Mon, Jun 20, 2011 at 3:03 PM, Olli Pettay wrote:
On 06/21/2011 12:25 AM, Tab Atkins Jr. wrote:
The use-case is non-fullscreen games and similar, where you'd prefer
to lock the mouse as soon as the user clicks into the game. Minecraft
is the fir
On Mon, Jun 20, 2011 at 3:03 PM, Olli Pettay wrote:
> On 06/21/2011 12:25 AM, Tab Atkins Jr. wrote:
>> The use-case is non-fullscreen games and similar, where you'd prefer
>> to lock the mouse as soon as the user clicks into the game. Minecraft
>> is the first example that pops into my head that
On 06/21/2011 12:25 AM, Tab Atkins Jr. wrote:
On Mon, Jun 20, 2011 at 1:19 PM, Olli Pettay wrote:
On 06/20/2011 10:18 PM, Jonas Sicking wrote:
On Mon, Jun 20, 2011 at 11:17 AM, Adam Barthwrote:
On Mon, Jun 20, 2011 at 10:48 AM, Tab Atkins Jr.
2. During a user-initiated click, you can loc
On Mon, Jun 20, 2011 at 5:21 PM, Tab Atkins Jr. wrote:
> In a non-mouselock situation, mouse events stop being fired anyway
> when the mouse goes outside of the window, so you don't have to worry
> about the delta information.
Mouse events continue to be fired while you hold a mouse button. The
On Mon, Jun 20, 2011 at 1:19 PM, Olli Pettay wrote:
> On 06/20/2011 10:18 PM, Jonas Sicking wrote:
>> On Mon, Jun 20, 2011 at 11:17 AM, Adam Barth wrote:
>>> On Mon, Jun 20, 2011 at 10:48 AM, Tab Atkins Jr.
2. During a user-initiated click, you can lock the mouse to the target
or an anc
On Mon, Jun 20, 2011 at 1:06 PM, Glenn Maynard wrote:
> On Thu, Jun 16, 2011 at 6:21 PM, Vincent Scheib wrote:
>> - Mousemove event gains .deltaX .deltaY members, always valid, not just
>> during mouse lock.
>
> Is this implementable?
>
> First-person games typically implement delta mouse movemen
On Mon, Jun 20, 2011 at 12:18 PM, Jonas Sicking wrote:
> On Mon, Jun 20, 2011 at 11:17 AM, Adam Barth wrote:
>> On Mon, Jun 20, 2011 at 10:48 AM, Tab Atkins Jr.
>> wrote:
>>> On Mon, Jun 20, 2011 at 10:18 AM, Adam Barth wrote:
So it sounds like we don't have a security model but we're hop
On 06/20/2011 10:18 PM, Jonas Sicking wrote:
On Mon, Jun 20, 2011 at 11:17 AM, Adam Barth wrote:
On Mon, Jun 20, 2011 at 10:48 AM, Tab Atkins Jr. wrote:
On Mon, Jun 20, 2011 at 10:18 AM, Adam Barth wrote:
So it sounds like we don't have a security model but we're hoping UA
implementors can
On Thu, Jun 16, 2011 at 6:21 PM, Vincent Scheib wrote:
> - Mousemove event gains .deltaX .deltaY members, always valid, not just
> during mouse lock.
Is this implementable?
First-person games typically implement delta mouse movement by hiding
the mouse cursor, warping the invisible cursor to the
On Mon, Jun 20, 2011 at 11:17 AM, Adam Barth wrote:
> On Mon, Jun 20, 2011 at 10:48 AM, Tab Atkins Jr. wrote:
>> On Mon, Jun 20, 2011 at 10:18 AM, Adam Barth wrote:
>>> So it sounds like we don't have a security model but we're hoping UA
>>> implementors can dream one up by combining enough heur
On Mon, Jun 20, 2011 at 10:48 AM, Tab Atkins Jr. wrote:
> On Mon, Jun 20, 2011 at 10:18 AM, Adam Barth wrote:
>> So it sounds like we don't have a security model but we're hoping UA
>> implementors can dream one up by combining enough heuristics.
>
> A model which I suggested privately, and which
On Mon, Jun 20, 2011 at 10:18 AM, Adam Barth wrote:
> So it sounds like we don't have a security model but we're hoping UA
> implementors can dream one up by combining enough heuristics.
A model which I suggested privately, and which I believe others have
suggested publicly, is this:
1. While fu
So it sounds like we don't have a security model but we're hoping UA
implementors can dream one up by combining enough heuristics.
Adam
On Mon, Jun 20, 2011 at 9:07 AM, Vincent Scheib wrote:
> A range of security methods have been discussed. Please read the thread in
> detail if this summary is
A range of security methods have been discussed. Please read the thread in
detail if this summary is too succinct:
The Security concern is that of the user agent hiding the mouse and not
letting it be used normally due to malicious code on a web site. Thus, user
agents must address this issue. No
Would like to add:
"In the case that a user agent has to treat a widget as an invalid
Widget package, it is RECOMMENDED that a user agent inform the user of
any error with an appropriate amount of detail. This can help
developers debug issues by letting them know what has gone wrong
during process
On 6/20/11 8:37 AM, "Marcos Caceres" wrote:
>Is there some means to explicitly indicate the order in which
>certificates in an xml dig sig file should be processed? The problem
>is that if you screw up the certificate order in the xml file, the
>validator (e.g,. xmlsec) does not know which cert is
Hi Frederick,
On Mon, Jun 20, 2011 at 3:13 PM, wrote:
> Marcos
>
> No there is currently no such definition of certificate order in XML
> Signature.
>
> I believe this question was answered correctly on the aleksey xmlsec
> development list in the message after the one you quoted, which is why
Marcos
No there is currently no such definition of certificate order in XML Signature.
I believe this question was answered correctly on the aleksey xmlsec
development list in the message after the one you quoted, which is why I didn't
join the discussion:
http://www.aleksey.com/pipermail/xmls
On Fri, 17 Jun 2011 15:57:44 +0200, Arthur Barstow
wrote:
The exit criteria is in the Draft CR and is based on the criteria in the
XHR CR:
http://dev.w3.org/2006/webapi/progress/#crec
As with all of our CfCs, positive response is preferred and encouraged
and silence will be considered
Hi,
Is there some means to explicitly indicate the order in which
certificates in an xml dig sig file should be processed? The problem
is that if you screw up the certificate order in the xml file, the
validator (e.g,. xmlsec) does not know which cert is the end-entity.
See also the following from
On Mon, Jun 20, 2011 at 2:08 PM, Jonas Sicking wrote:
> On Mon, Jun 20, 2011 at 4:57 AM, Marcos Caceres
> wrote:
>> On Mon, Jun 20, 2011 at 1:11 PM, Anne van Kesteren wrote:
>>> On Mon, 20 Jun 2011 13:01:59 +0200, Arthur Barstow
>>> wrote:
Comments on this proposal are welcome and ple
On Mon, Jun 20, 2011 at 4:57 AM, Marcos Caceres
wrote:
> On Mon, Jun 20, 2011 at 1:11 PM, Anne van Kesteren wrote:
>> On Mon, 20 Jun 2011 13:01:59 +0200, Arthur Barstow
>> wrote:
>>>
>>> Comments on this proposal are welcome and please send them by June 27 at
>>> the latest.
>>
>> I don't think
On 2011-06-20 13:58, Anne van Kesteren wrote:
On Mon, 20 Jun 2011 13:54:12 +0200, Julian Reschke
wrote:
As recently discussed in the HTMLWG -- you can have Note that is
normative; it's just a signal that work on this has ended.
1) You do not get patent policy protection. 2) The work has not e
On Mon, 20 Jun 2011 13:54:12 +0200, Julian Reschke
wrote:
As recently discussed in the HTMLWG -- you can have Note that is
normative; it's just a signal that work on this has ended.
1) You do not get patent policy protection. 2) The work has not ended if
the feature is still part of the we
On Mon, Jun 20, 2011 at 1:11 PM, Anne van Kesteren wrote:
> On Mon, 20 Jun 2011 13:01:59 +0200, Arthur Barstow
> wrote:
>>
>> Comments on this proposal are welcome and please send them by June 27 at
>> the latest.
>
> I don't think this make sense. Unless it is removed from browsers it is part
>
Reminder: June 28 is the deadline for comments for the DOM 3 Events Last
Call Working Draft.
Original Message
Subject:RfC: DOM 3 Events Last Call Working Draft; deadline June 28
Resent-Date:Tue, 31 May 2011 15:54:29 +
Resent-From:
Date: Tue, 31 May 2011 11
Reminder: June 28 deadline for comments on 3 widget LCWDs: Packaging,
Interface and DigSig.
Original Message
Subject: [widgets] RfC: LCWDs of Widget {Packaging, Interface, Digital
Signature}; deadline June 28
Resent-Date:Tue, 7 Jun 2011 17:40:50 +
Resent-From:
Da
On 2011-06-20 13:11, Anne van Kesteren wrote:
On Mon, 20 Jun 2011 13:01:59 +0200, Arthur Barstow
wrote:
Comments on this proposal are welcome and please send them by June 27
at the latest.
I don't think this make sense. Unless it is removed from browsers it is
part of the web platform and as
On Mon, 20 Jun 2011 13:01:59 +0200, Arthur Barstow
wrote:
Comments on this proposal are welcome and please send them by June 27 at
the latest.
I don't think this make sense. Unless it is removed from browsers it is
part of the web platform and as such requires normative documentation.
-
Hi All,
Despite Web Storage bug 12111 now having a fix [1], the "elephant in the
room" [2] for this spec is still the mutex issue encapsulated in the spec:
[[
http://www.w3.org/2011/06/Web%20Storage.html#issues
The use of the storage mutex to avoid race conditions is currently
considered by
On Jun 20, 2011, at 12:23 , Marcos Caceres wrote:
> On Mon, Jun 20, 2011 at 11:41 AM, Robin Berjon wrote:
>> On Jun 2, 2011, at 09:53 , Marcos Caceres wrote:
>>> Consider this scenario: the widget requests access to www.google.com.
>>> On a local level google redirects to .pl or co.in . With WARP,
On Mon, Jun 20, 2011 at 11:41 AM, Robin Berjon wrote:
> On Jun 2, 2011, at 09:53 , Marcos Caceres wrote:
>> Consider this scenario: the widget requests access to www.google.com.
>> On a local level google redirects to .pl or co.in . With WARP, if we
>> checked redirects the local google page would
On Mon, Jun 20, 2011 at 11:27 AM, Robin Berjon wrote:
> Hey, never too late to jump in I guess!
>
> On May 12, 2011, at 14:54 , Marcos Caceres wrote:
>> On Thu, May 12, 2011 at 2:43 PM, timeless wrote:
>>> I really don't think relaxing the syntax is the right path forward.
>>
>> I'm ok with leavi
On Jun 2, 2011, at 09:53 , Marcos Caceres wrote:
> Consider this scenario: the widget requests access to www.google.com.
> On a local level google redirects to .pl or co.in . With WARP, if we
> checked redirects the local google page would be blocked. It would be
> impossible for any developer to t
Hey, never too late to jump in I guess!
On May 12, 2011, at 14:54 , Marcos Caceres wrote:
> On Thu, May 12, 2011 at 2:43 PM, timeless wrote:
>> I really don't think relaxing the syntax is the right path forward.
>
> I'm ok with leaving it as is... but I guess we will have to see what
> runtimes
http://www.w3.org/Bugs/Public/show_bug.cgi?id=10337
Cameron McCormack changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|
52 matches
Mail list logo
