Hi everyone, Just a quick update on some of the work I've been involved in with W3C. I've been creating the test cases for WARP, which is the spec for widgets making requests to allow access to external resources; in Wookie we use this as a way of populating the whitelist for the server-side proxy that widgets can use with the proxify() method.
What is interesting is that eventually we ought to be able to drop support for both the Wookie proxy and for WARP. The reason being that more browsers are supporting CORS, which is a spec that enables cross-site requests outside the same-origin policy provided that the service has an appropriate header allowing it to accept external requests. There's more info here: http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/ And here: http://arunranga.com/examples/access-control/ Not especially important now as there are many people out there using browsers that don't implement CORS, and many web APIs provided by servers that don't support it either. However its worth bearing in mind for the longer-term roadmap. S
