On 12.05.2010 22:39, Nathan wrote:
Devdatta wrote:
As for the should CORS exist discussion, I'll bow out of those until
we're starting to move towards officially adopting a WG decision one
way or another, or genuinely new information is provided which would
affect such a decision (for the
On May 13, 2010, at 3:05 AM, Julian Reschke wrote:
On 12.05.2010 22:39, Nathan wrote:
Devdatta wrote:
As for the should CORS exist discussion, I'll bow out of those until
we're starting to move towards officially adopting a WG decision one
way or another, or genuinely new information is
Maciej Stachowiak wrote:
On May 13, 2010, at 3:05 AM, Julian Reschke wrote:
On 12.05.2010 22:39, Nathan wrote:
Devdatta wrote:
As for the should CORS exist discussion, I'll bow out of those until
we're starting to move towards officially adopting a WG decision one
way or another, or
On May 12, 2010, at 2:42 PM, ext Jonas Sicking wrote:
If so, I'd really like to see the chairs move forward with making the
WG make some sort of formal decision on weather CORS should be
published or not. Repeating the same discussion over and over is not
good use your time or mine.
There is
On Wed, May 12, 2010 at 10:02 PM, Ian Hickson i...@hixie.ch wrote:
On Wed, 12 May 2010, Tyler Close wrote:
So HTML is not vulnerable to Cross-Site Scripting, C++ is not vulnerable
to buffer overflows and so CORS is not vulnerable to Confused Deputy.
Correct.
As explained above, CORS
On Wed, May 12, 2010 at 6:41 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 5:36 PM, Dirk Pranke dpra...@chromium.org wrote:
On Wed, May 12, 2010 at 5:15 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 5:07 PM, Adam Barth w...@adambarth.com wrote:
On
On Thu, May 13, 2010 at 6:39 AM, Arthur Barstow art.bars...@nokia.com wrote:
On May 12, 2010, at 2:42 PM, ext Jonas Sicking wrote:
If so, I'd really like to see the chairs move forward with making the
WG make some sort of formal decision on weather CORS should be
published or not. Repeating
Hi Ian,
On May 13, 2010, at 1:02 AM, Ian Hickson wrote:
On Wed, 12 May 2010, Tyler Close wrote:
[...]
You are using the word vulnerable in a manner inconsistent with its
meaning in the Web standards community.
I think the specific vulnerability is that a server is vulnerable to a
On Wed, May 12, 2010 at 10:02 PM, Ian Hickson i...@hixie.ch wrote:
On Wed, 12 May 2010, Tyler Close wrote:
So HTML is not vulnerable to Cross-Site Scripting, C++ is not vulnerable
to buffer overflows and so CORS is not vulnerable to Confused Deputy.
Correct.
As some (at least me) might be
Since the other points in this thread have already been addressed by
others, I thought I'd just add my thoughts on this issue (renaming and
response header filtering).
On Tue, 11 May 2010 20:17:17 +0200, Tyler Close tyler.cl...@gmail.com
wrote:
On Tue, May 11, 2010 at 10:54 AM, Anne van
On Tue, May 11, 2010 at 5:15 PM, Ian Hickson i...@hixie.ch wrote:
On Tue, 11 May 2010, Tyler Close wrote:
CORS introduces subtle but severe Confused Deputy vulnerabilities
I don't think everyone is convinced that this is the case.
AFAICT, there is consensus that CORS has Confused Deputy
On Wed, 12 May 2010, Tyler Close wrote:
On Tue, May 11, 2010 at 5:15 PM, Ian Hickson i...@hixie.ch wrote:
On Tue, 11 May 2010, Tyler Close wrote:
CORS introduces subtle but severe Confused Deputy vulnerabilities
I don't think everyone is convinced that this is the case.
AFAICT, there
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 5/12/2010 11:39 AM, Ian Hickson wrote:
On Wed, 12 May 2010, Tyler Close wrote:
On Tue, May 11, 2010 at 5:15 PM, Ian Hickson i...@hixie.ch wrote:
On Tue, 11 May 2010, Tyler Close wrote:
CORS introduces subtle but severe Confused Deputy
On Wed, May 12, 2010 at 9:01 AM, Tyler Close tyler.cl...@gmail.com wrote:
In the general case, including many common cases, doing this
validation is not feasible. The CORS specification should not be
allowed to proceed through standardization without providing
developers a robust solution to
On Wed, May 12, 2010 at 11:21 AM, Ojan Vafai o...@chromium.org wrote:
On Wed, May 12, 2010 at 9:01 AM, Tyler Close tyler.cl...@gmail.com wrote:
In the general case, including many common cases, doing this
validation is not feasible. The CORS specification should not be
allowed to proceed
On Wed, May 12, 2010 at 11:35 AM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 11:21 AM, Ojan Vafai o...@chromium.org wrote:
On Wed, May 12, 2010 at 9:01 AM, Tyler Close tyler.cl...@gmail.com wrote:
In the general case, including many common cases, doing this
validation is
On Wed, May 12, 2010 at 11:42 AM, Jonas Sicking jo...@sicking.cc wrote:
On Wed, May 12, 2010 at 11:35 AM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 11:21 AM, Ojan Vafai o...@chromium.org wrote:
On Wed, May 12, 2010 at 9:01 AM, Tyler Close tyler.cl...@gmail.com wrote:
In
While most of the discussion in this thread is just repeats of
previous discussions, I think Tyler makes a good (and new) point in
that the current CORS draft still has no mention of the possible
security problems that Tyler talks about. The current draft's security
section
On Wed, May 12, 2010 at 1:13 PM, Jonas Sicking jo...@sicking.cc wrote:
On Wed, May 12, 2010 at 12:38 PM, Devdatta dev.akh...@gmail.com wrote:
While most of the discussion in this thread is just repeats of
previous discussions, I think Tyler makes a good (and new) point in
that the current CORS
On Wed, May 12, 2010 at 1:31 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 1:13 PM, Jonas Sicking jo...@sicking.cc wrote:
On Wed, May 12, 2010 at 12:38 PM, Devdatta dev.akh...@gmail.com wrote:
While most of the discussion in this thread is just repeats of
previous
Devdatta wrote:
As for the should CORS exist discussion, I'll bow out of those until
we're starting to move towards officially adopting a WG decision one
way or another, or genuinely new information is provided which would
affect such a decision (for the record, I don't think I've seen any
new
On Wed, May 12, 2010 at 3:16 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 1:38 PM, Jonas Sicking jo...@sicking.cc wrote:
On Wed, May 12, 2010 at 1:31 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 1:13 PM, Jonas Sicking jo...@sicking.cc wrote:
On
On Wed, May 12, 2010 at 4:06 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 3:16 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 1:38 PM, Jonas Sicking jo...@sicking.cc wrote:
On Wed, May 12, 2010 at 1:31 PM, Tyler Close tyler.cl...@gmail.com wrote:
On
On Wed, May 12, 2010 at 4:38 PM, Dirk Pranke dpra...@google.com wrote:
On Wed, May 12, 2010 at 4:06 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 3:16 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 1:38 PM, Jonas Sicking jo...@sicking.cc wrote:
On Wed,
On Wed, May 12, 2010 at 4:45 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 4:38 PM, Dirk Pranke dpra...@google.com wrote:
On Wed, May 12, 2010 at 4:06 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 3:16 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed,
On Wed, May 12, 2010 at 4:45 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 4:38 PM, Dirk Pranke dpra...@google.com wrote:
On Wed, May 12, 2010 at 4:06 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 3:16 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed,
On Wed, May 12, 2010 at 4:56 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 4:45 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 4:38 PM, Dirk Pranke dpra...@google.com wrote:
On Wed, May 12, 2010 at 4:06 PM, Adam Barth w...@adambarth.com wrote:
On Wed,
On Wed, May 12, 2010 at 5:07 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 4:56 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 4:45 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 4:38 PM, Dirk Pranke dpra...@google.com wrote:
On Wed,
On Wed, May 12, 2010 at 5:15 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 5:07 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 4:56 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 4:45 PM, Adam Barth w...@adambarth.com wrote:
On
On Wed, May 12, 2010 at 5:36 PM, Dirk Pranke dpra...@google.com wrote:
On Wed, May 12, 2010 at 5:15 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Wed, May 12, 2010 at 5:07 PM, Adam Barth w...@adambarth.com wrote:
On Wed, May 12, 2010 at 4:56 PM, Tyler Close tyler.cl...@gmail.com wrote:
Both
On Wed, 12 May 2010, Tyler Close wrote:
It is also not a question of opinion, but fact. CORS uses ambient
authority for access control in 3 party scenarios. CORS is therefore
vulnerable to Confused Deputy.
That's like saying that HTML uses markup and is therefore vulnerable
to
Ian Hickson wrote:
On Wed, 12 May 2010, Tyler Close wrote:
We've gone through several scenarios on this list where this validation
is not feasible. On the chromium list, I recently explained how it is
not possible to implement a generic AtomPub client that does this
validation:
On Wed, May 12, 2010 at 6:33 PM, Ian Hickson i...@hixie.ch wrote:
On Wed, 12 May 2010, Tyler Close wrote:
It is also not a question of opinion, but fact. CORS uses ambient
authority for access control in 3 party scenarios. CORS is therefore
vulnerable to Confused Deputy.
That's like
On Wed, 12 May 2010, Tyler Close wrote:
So HTML is not vulnerable to Cross-Site Scripting, C++ is not vulnerable
to buffer overflows and so CORS is not vulnerable to Confused Deputy.
Correct.
As explained above, CORS with credentials is intrinsically vulnerable to
Confused Deputy. The
Firefox, Chrome and Caja have now all declared an interest in
implementing UMP. Opera and Safari have both declared an interest in
implementing the functionality defined in UMP under the name CORS. I
think it's clear that UMP has sufficient implementor interest to
proceed along the standardization
On Tue, May 11, 2010 at 10:54 AM, Anne van Kesteren ann...@opera.com wrote:
On Tue, 11 May 2010 19:48:57 +0200, Tyler Close tyler.cl...@gmail.com
wrote:
Firefox, Chrome and Caja have now all declared an interest in
implementing UMP. Opera and Safari have both declared an interest in
On Tue, 11 May 2010 19:48:57 +0200, Tyler Close tyler.cl...@gmail.com
wrote:
Firefox, Chrome and Caja have now all declared an interest in
implementing UMP. Opera and Safari have both declared an interest in
implementing the functionality defined in UMP under the name CORS. I
think it's clear
On Tue, May 11, 2010 at 11:17 AM, Tyler Close tyler.cl...@gmail.com wrote:
On Tue, May 11, 2010 at 10:54 AM, Anne van Kesteren ann...@opera.com
wrote:
On Tue, 11 May 2010 19:48:57 +0200, Tyler Close tyler.cl...@gmail.com
wrote:
Firefox, Chrome and Caja have now all declared an interest in
On Tue, May 11, 2010 at 11:41 AM, Ojan Vafai o...@chromium.org wrote:
What is the difference between an authoring guide and a specification for
web developers?
The difference is whether or not the normative statements in UMP
actually are normative for a CORS implementation. This comes down to
On Tue, May 11, 2010 at 10:48 AM, Tyler Close tyler.cl...@gmail.com wrote:
Firefox, Chrome and Caja have now all declared an interest in
implementing UMP. Opera and Safari have both declared an interest in
implementing the functionality defined in UMP under the name CORS. I
think it's clear
On Tue, May 11, 2010 at 12:01 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Tue, May 11, 2010 at 11:41 AM, Ojan Vafai o...@chromium.org wrote:
What is the difference between an authoring guide and a specification for
web developers?
The difference is whether or not the normative statements
Jonas, Anne, Tlyer, All,
On May 11, 2010, at 3:08 PM, ext Jonas Sicking wrote:
Personally I would prefer to see the UMP model be specced as part of
the CORS spec, mostly to avoid inevitable differences between two
specs trying to specify the same thing. And creating an authoring
guide
On Tue, May 11, 2010 at 12:36 PM, Arthur Barstow art.bars...@nokia.com wrote:
Jonas, Anne, Tlyer, All,
On May 11, 2010, at 3:08 PM, ext Jonas Sicking wrote:
Personally I would prefer to see the UMP model be specced as part of
the CORS spec, mostly to avoid inevitable differences between two
On Tue, May 11, 2010 at 12:01 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Tue, May 11, 2010 at 11:41 AM, Ojan Vafai o...@chromium.org wrote:
What is the difference between an authoring guide and a specification for
web developers?
The difference is whether or not the normative statements
On Tue, May 11, 2010 at 1:34 PM, Dirk Pranke dpra...@google.com wrote:
On Tue, May 11, 2010 at 12:01 PM, Tyler Close tyler.cl...@gmail.com wrote:
On Tue, May 11, 2010 at 11:41 AM, Ojan Vafai o...@chromium.org wrote:
What is the difference between an authoring guide and a specification for
web
On May 11, 2010, at 1:57 PM, Jonas Sicking wrote:
On Tue, May 11, 2010 at 1:34 PM, Dirk Pranke dpra...@google.com
wrote:
On Tue, May 11, 2010 at 12:01 PM, Tyler Close
tyler.cl...@gmail.com wrote:
On Tue, May 11, 2010 at 11:41 AM, Ojan Vafai o...@chromium.org
wrote:
What is the difference
XML is also a misnomer. And HTTP is confusing since it also works over
https.
At least we agree on Request.
On Apr 21, 2010 12:24 PM, Maciej Stachowiak m...@apple.com wrote:
On Apr 21, 2010, at 8:57 AM, Anne van Kesteren wrote:
On Wed, 21 Apr 2010 23:37:54 +0900, Mark S...
I agree that
On Apr 21, 2010, at 8:29 PM, Mark S. Miller wrote:
Thanks, the Tor example is clarifying. Tor attempts to actually
provide anonymity, by attempting to hide all information that might
be inadvertently identifying, like IP address, traffic patterns, or
other side channels. The threat model
On Thu, 22 Apr 2010 02:39:31 +0900, Tyler Close tyler.cl...@gmail.com
wrote:
On Tue, Apr 20, 2010 at 10:07 PM, Anne van Kesteren ann...@opera.com
wrote:
Because I've yet to receive detailed feedback / proposals on CORS on
what needs changing. In another thread Maciej asked you whether you
On Wed, Apr 21, 2010 at 11:47 PM, Maciej Stachowiak m...@apple.com wrote:
That being said, I'm totally open to a name that conveys the same meaning
with less perceived ambiguity. I just don't think Uniform is it. It
doesn't get across the main idea very well at all. We need a phrase that
says
On Apr 22, 2010, at 10:27 AM, Mark S. Miller wrote:
On Wed, Apr 21, 2010 at 11:47 PM, Maciej Stachowiak m...@apple.com
wrote:
That being said, I'm totally open to a name that conveys the same
meaning with less perceived ambiguity. I just don't think Uniform
is it. It doesn't get across
On Thu, Apr 22, 2010 at 11:00 AM, Maciej Stachowiak m...@apple.com wrote:
On Apr 22, 2010, at 10:27 AM, Mark S. Miller wrote:
On Wed, Apr 21, 2010 at 11:47 PM, Maciej Stachowiak m...@apple.com wrote:
That being said, I'm totally open to a name that conveys the same meaning
with less
On Wed, Apr 21, 2010 at 11:39 PM, Maciej Stachowiak m...@apple.com wrote:
On Apr 21, 2010, at 11:11 PM, Anne van Kesteren wrote:
On Thu, 22 Apr 2010 14:36:50 +0900, Adam Barth w...@adambarth.com wrote:
Unfortunately ambient doesn't have any good antonyms:
On Wed, Apr 21, 2010 at 6:45 PM, Maciej Stachowiak m...@apple.com wrote:
XML is also a misnomer. And Http is confusing as well, since these
requests can (and should) generally be carried over https. At least we agree
on Request ;).
I agree, but (a) that ship has sailed; and (b) dropping those
On Mon, Apr 19, 2010 at 12:43 AM, Anne van Kesteren ann...@opera.comwrote:
Hopefully it helps calling out attention to this in a separate thread.
In
http://lists.w3.org/Archives/Public/public-webapps/2010AprJun/0043.htmlMaciej
states Apple has no interest in implementing UMP from the UMP
On Thu, Apr 22, 2010 at 4:33 PM, Mark S. Miller erig...@google.com wrote:
[...] Caja parses a sanitized subset of HTML HTML5's tag soup algorithm.
Sorry. I meant
Caja parses a sanitized subset of HTML *using* HTML5's tag soup algorithm.
Fortunately, the typo has little bearing on the overall
On Mon, Apr 19, 2010 at 11:45 AM, Adam Barth w...@adambarth.com wrote:
On Mon, Apr 19, 2010 at 12:43 AM, Anne van Kesteren ann...@opera.com wrote:
Hopefully it helps calling out attention to this in a separate thread.
In http://lists.w3.org/Archives/Public/public-webapps/2010AprJun/0043.html
On Tue, Apr 20, 2010 at 10:07 PM, Anne van Kesteren ann...@opera.comwrote:
On Wed, 21 Apr 2010 01:27:10 +0900, Tyler Close tyler.cl...@gmail.com
wrote:
Why can't it be made exactly like UMP? All of the requirements in UMP
have been discussed at length and in great detail on this list by some
On Wed, Apr 21, 2010 at 8:57 AM, Anne van Kesteren ann...@opera.com wrote:
Uniform doesn't tell you much about what it is doing.
The term uniform in Uniform Messaging Policy (UMP) is used in the
same sense as it is used in Uniform Resource Identifier (URI). In
particular, the following from RFC
On Wed, Apr 21, 2010 at 10:39 AM, Tyler Close tyler.cl...@gmail.com wrote:
On Tue, Apr 20, 2010 at 10:07 PM, Anne van Kesteren ann...@opera.com
wrote:
On Wed, 21 Apr 2010 01:27:10 +0900, Tyler Close tyler.cl...@gmail.com
wrote:
Why can't it be made exactly like UMP? All of the
On Wed, Apr 21, 2010 at 12:24 PM, Maciej Stachowiak m...@apple.com wrote:
I agree that Anonymous or Anon is more clear as to the purpose than
Uniform.
In the same say this email is anonymous. Sure, I say it is from MarkM, but
my browser doesn't add any identifying info that you can see. Even
On Apr 21, 2010, at 7:09 PM, Mark S. Miller wrote:
On Wed, Apr 21, 2010 at 6:45 PM, Maciej Stachowiak m...@apple.com
wrote:
On Apr 21, 2010, at 6:23 PM, Mark S. Miller wrote:
On Wed, Apr 21, 2010 at 12:24 PM, Maciej Stachowiak m...@apple.com
wrote:
I agree that Anonymous or Anon is more
On Mon, Apr 19, 2010 at 6:47 PM, Anne van Kesteren ann...@opera.com wrote:
On Tue, 20 Apr 2010 00:38:54 +0900, Jonas Sicking jo...@sicking.cc wrote:
As I've said before. I'd be interested in implementing UMP in firefox
if we can come up with a reasonable API for using it. I.e. a separate
On Mon, Apr 19, 2010 at 6:47 PM, Anne van Kesteren ann...@opera.com wrote:
On Tue, 20 Apr 2010 00:38:54 +0900, Jonas Sicking jo...@sicking.cc wrote:
As I've said before. I'd be interested in implementing UMP in firefox
if we can come up with a reasonable API for using it. I.e. a separate
On Tue, Apr 20, 2010 at 9:27 AM, Tyler Close tyler.cl...@gmail.com wrote:
On Mon, Apr 19, 2010 at 6:47 PM, Anne van Kesteren ann...@opera.com wrote:
On Tue, 20 Apr 2010 00:38:54 +0900, Jonas Sicking jo...@sicking.cc wrote:
As I've said before. I'd be interested in implementing UMP in firefox
On Apr 20, 2010, at 9:27 AM, Tyler Close wrote:
On Mon, Apr 19, 2010 at 6:47 PM, Anne van Kesteren
ann...@opera.com wrote:
On Tue, 20 Apr 2010 00:38:54 +0900, Jonas Sicking
jo...@sicking.cc wrote:
As I've said before. I'd be interested in implementing UMP in
firefox
if we can come up
On Apr 20, 2010, at 11:34 AM, Jonas Sicking wrote:
On Mon, Apr 19, 2010 at 6:47 PM, Anne van Kesteren
ann...@opera.com wrote:
On Tue, 20 Apr 2010 00:38:54 +0900, Jonas Sicking
jo...@sicking.cc wrote:
As I've said before. I'd be interested in implementing UMP in
firefox
if we can come
On Tue, Apr 20, 2010 at 11:39 AM, Maciej Stachowiak m...@apple.com wrote:
On Apr 20, 2010, at 9:27 AM, Tyler Close wrote:
On Mon, Apr 19, 2010 at 6:47 PM, Anne van Kesteren ann...@opera.com
wrote:
On Tue, 20 Apr 2010 00:38:54 +0900, Jonas Sicking jo...@sicking.cc
wrote:
As I've said
On Tue, Apr 20, 2010 at 11:36 AM, Jonas Sicking jo...@sicking.cc wrote:
On Tue, Apr 20, 2010 at 9:27 AM, Tyler Close tyler.cl...@gmail.com wrote:
On Mon, Apr 19, 2010 at 6:47 PM, Anne van Kesteren ann...@opera.com wrote:
On Tue, 20 Apr 2010 00:38:54 +0900, Jonas Sicking jo...@sicking.cc wrote:
On Wed, 21 Apr 2010 03:47:06 +0900, Maciej Stachowiak m...@apple.com
wrote:
I kinda hate the boolean argument. I would rather have a syntax where
the intent is obvious from the source code. A boolean is not very self-
documenting. In fact I can't even remember right now whether true or
On Wed, 21 Apr 2010 01:27:10 +0900, Tyler Close tyler.cl...@gmail.com
wrote:
Why can't it be made exactly like UMP? All of the requirements in UMP
have been discussed at length and in great detail on this list by some
highly qualified people. The current UMP spec reflects all of that
On Mon, Apr 19, 2010 at 12:43 AM, Anne van Kesteren ann...@opera.com wrote:
Hopefully it helps calling out attention to this in a separate thread.
In http://lists.w3.org/Archives/Public/public-webapps/2010AprJun/0043.html
Maciej states Apple has no interest in implementing UMP from the UMP
On Tue, 20 Apr 2010 00:38:54 +0900, Jonas Sicking jo...@sicking.cc wrote:
As I've said before. I'd be interested in implementing UMP in firefox
if we can come up with a reasonable API for using it. I.e. a separate
constructor or flag or similar on XHR. This is assuming that UMP is a
reasonable
73 matches
Mail list logo
