On Tue, Apr 13, 2010 at 10:17 AM, Jonas Sicking wrote:
> On Mon, Apr 12, 2010 at 5:28 PM, Jonas Sicking wrote:
>> I wouldn't be opposed to implementing UMP, as long as there's a decent
>> API for invoking it, and that it's a good subset relative to CORS. I
>> think we've talked about various cons
On Mon, Apr 12, 2010 at 5:28 PM, Jonas Sicking wrote:
> On Mon, Apr 12, 2010 at 4:28 PM, Tyler Close wrote:
>> On Mon, Apr 12, 2010 at 4:14 PM, Jonas Sicking wrote:
>>> On Mon, Apr 12, 2010 at 3:48 PM, Tyler Close wrote:
On Mon, Apr 12, 2010 at 3:41 PM, Jonas Sicking wrote:
> On Mon,
On Apr 12, 2010, at 4:00 PM, ext Maciej Stachowiak wrote:
On Apr 12, 2010, at 10:33 AM, Tyler Close wrote:
I've added a new section to the wiki page, "UMP as subset of CORS":
http://www.w3.org/Security/wiki/
Comparison_of_CORS_and_UMP#UMP_as_subset_of_CORS
I do not think the set of subse
On Tue, 13 Apr 2010 02:28:53 +0200, Jonas Sicking wrote:
I wouldn't be opposed to implementing UMP, as long as there's a decent
API for invoking it, and that it's a good subset relative to CORS. I
think we've talked about various constructors or flags that let you
use the XHR API together with t
On Mon, 12 Apr 2010 15:49:22 +0200, Arthur Barstow
wrote:
Anne - as Maciej mentioned in another thread [2], it would be good to
get your feedback on this subject.
I don't really care about subset relations to be honest. Fixing bugs in
CORS is fine, and I think that is what we should be foc
On Mon, Apr 12, 2010 at 4:28 PM, Tyler Close wrote:
> On Mon, Apr 12, 2010 at 4:14 PM, Jonas Sicking wrote:
>> On Mon, Apr 12, 2010 at 3:48 PM, Tyler Close wrote:
>>> On Mon, Apr 12, 2010 at 3:41 PM, Jonas Sicking wrote:
On Mon, Apr 12, 2010 at 3:10 PM, Tyler Close wrote:
>> I think e
On Mon, Apr 12, 2010 at 4:14 PM, Jonas Sicking wrote:
> On Mon, Apr 12, 2010 at 3:48 PM, Tyler Close wrote:
>> On Mon, Apr 12, 2010 at 3:41 PM, Jonas Sicking wrote:
>>> On Mon, Apr 12, 2010 at 3:10 PM, Tyler Close wrote:
> I think even taken together, your set of subset conditions does guar
On Mon, Apr 12, 2010 at 3:48 PM, Tyler Close wrote:
> On Mon, Apr 12, 2010 at 3:41 PM, Jonas Sicking wrote:
>> On Mon, Apr 12, 2010 at 3:10 PM, Tyler Close wrote:
I think even taken together, your set of subset conditions does guarantee
that a CORS client implementation is automaticall
On Mon, Apr 12, 2010 at 3:41 PM, Jonas Sicking wrote:
> On Mon, Apr 12, 2010 at 3:10 PM, Tyler Close wrote:
>>> I think even taken together, your set of subset conditions does guarantee
>>> that a CORS client implementation is automatically also a UMP client
>>> implementation. If we went that wa
On Mon, Apr 12, 2010 at 3:10 PM, Tyler Close wrote:
>> I think even taken together, your set of subset conditions does guarantee
>> that a CORS client implementation is automatically also a UMP client
>> implementation. If we went that way, then we would have to consider whether
>> there will ever
On Mon, Apr 12, 2010 at 1:00 PM, Maciej Stachowiak wrote:
>
> On Apr 12, 2010, at 10:33 AM, Tyler Close wrote:
>
>> On Mon, Apr 12, 2010 at 6:49 AM, Arthur Barstow
>> wrote:
>>>
>>> Maciej, Tyler - thanks for continuing this discussion. I think it would
>>> be
>>> helpful to have consensus on wha
On Apr 12, 2010, at 10:33 AM, Tyler Close wrote:
On Mon, Apr 12, 2010 at 6:49 AM, Arthur Barstow
wrote:
Maciej, Tyler - thanks for continuing this discussion. I think it
would be
helpful to have consensus on what we mean by subsetting in this
context.
(Perhaps the agreed definition could
On Mon, Apr 12, 2010 at 6:49 AM, Arthur Barstow wrote:
> Maciej, Tyler - thanks for continuing this discussion. I think it would be
> helpful to have consensus on what we mean by subsetting in this context.
> (Perhaps the agreed definition could be added to the CORS and UMP Comparison
> [1].)
I'v
Maciej, Tyler - thanks for continuing this discussion. I think it
would be helpful to have consensus on what we mean by subsetting in
this context. (Perhaps the agreed definition could be added to the
CORS and UMP Comparison [1].)
Anne - as Maciej mentioned in another thread [2], it would b
On Apr 8, 2010, at 5:20 PM, Tyler Close wrote:
On Wed, Feb 3, 2010 at 7:40 PM, Maciej Stachowiak
wrote:
Actually, the other proposal is to provide an XHR-like API that
would use CORS forcing a unique origin as an input parameter -
there is no need to
My hope is that this would be semanti
On Wed, Feb 3, 2010 at 7:40 PM, Maciej Stachowiak wrote:
> Actually, the other proposal is to provide an XHR-like API that would use
> CORS forcing a unique origin as an input parameter - there is no need to
> My hope is that this would be semantically equivalent to using UMP.
This unique origin
Hi Mark,
First a couple of corrections...
On Feb 3, 2010, at 5:31 PM, Mark S. Miller wrote:
> Hi Maciej and Tyler,
>
> IMO, the important subsetting points, in priority order, are:
>
> 1) Server-side behavior compatible with UMP is automatically compatible with
> CORS and with present CORS-l
Hi Maciej and Tyler,
IMO, the important subsetting points, in priority order, are:
1) Server-side behavior compatible with UMP is automatically compatible with
CORS and with present CORS-like browser behaviors.
2) The client-side mechanisms one needs to implement UMP correctly are a
small subset
18 matches
Mail list logo