/irc-logs / freenode / #whatwg / 2007-10-03 / end

Options:

1. # Session Start: Wed Oct 03 00:00:00 2007
2. # Session Ident: #whatwg
3. # [00:00] <Hixie> defunct now
4. # [00:00] <hober> ahh
5. # [00:00] * Hixie adds "tag" to his portal page
6. # [00:00] <Dashiva> That's a lot of lists...
7. # [00:00] <Hixie> so anyone noticed how html4all has had no traffic for days?
8. # [00:01] <annevk> maybe they're awaiting replies from the director of the W3C
9. # [00:01] <Philip`> Given how some of those "Introduction" emails ended up in 2005Sep archives, since that was the date of the previously most recent message, it looks rather like indiscriminate spam
10. # [00:01] <Hixie> annevk: ?
11. # [00:01] <annevk> (I noticed too, as I subscribed to the html4all list to easier track the e-mails.)
12. # [00:02] <annevk> oh, maybe it was directed to DanC and cwilso only
13. # [00:02] <Dashiva> How many formal objections are we up to now?
14. # [00:02] <annevk> ah, it was: http://html4all.org/pipermail/list_html4all.org/2007-September/000428.html
15. # [00:03] <annevk> actually, there was a reply to that from DanC as well which has been removed from the html4all archives
16. # [00:03] <Hixie> danc replied to that
17. # [00:03] <Hixie> yeah
18. # [00:03] <Philip`> http://html4all.org/wiki/index.php?title=Wiki/index.php&curid=1443&diff=1895&oldid=1840 - I'm surprised it took that long for them to get the first wikispam
19. # [00:04] <annevk> hmm, the wiki seems quite active
20. # [00:04] <annevk> maybe all traffic moved to the private list? :(
21. # [00:04] <annevk> oh well
22. # [00:06] <hober> for log readers, danc's reply to that is http://lists.w3.org/Archives/Public/www-archive/2007Sep/0111.html
23. # [00:07] <Hixie> no, there was another one too
24. # [00:07] <Hixie> direct to JohnF
25. # [00:07] <Hixie> John then forwarded it to the archives, and it was then removed
26. # [00:07] <hober> ahh.
27. # [00:08] * hober finds it hard to keep up with all of the cabal machinations :)
28. # [00:08] <Hixie> the part that was forwarded basically wished John luck in finding another editor, because (DanC said) he had tried but not found any willing editors
29. # [00:08] <annevk> yup
30. # [00:08] <Hixie> i have to say, if we do find any willing editors, there are a number of specs that need work in e.g. webapi
31. # [00:08] * annevk recalls reading that too
32. # [00:08] <Hixie> i've had to fold several webapi things into the html5 spec due to lack of editors
33. # [00:08] <Hixie> which i'd like to spin out again
34. # [00:09] <Hixie> (if we can find a way to separate them out, anyway)
35. # [00:09] <annevk> window, dom5 core, es bindings...
36. # [00:09] <Hixie> dom5 core is probably the biggest right now, yeah
37. # [00:09] <Hixie> b4es is being done by heycam
38. # [00:09] <Hixie> though that has somewhat stalled, it seems
39. # [00:09] <Dashiva> heycam?
40. # [00:09] <annevk> maybe need dom5 events too
41. # [00:10] <Hixie> isn't bjoern doing events?
42. # [00:10] <Hixie> i guess that's stalled too
43. # [00:10] <annevk> It seems bjoern is doing editing in the very literal sense
44. # [00:10] <Hixie> ?
45. # [00:10] <othermaciej> finding willing and qualified editors would be great
46. # [00:10] <annevk> People write text and then he folds it into the specification
47. # [00:10] <Hixie> aah
48. # [00:10] <Hixie> ok so a new author for dom3/5 events would be useful too
49. # [00:10] <othermaciej> and yes, web api would be a good place to help html
50. # [00:11] <othermaciej> css needs help too but their issues go deeper than just availability of editors
51. # [00:12] <Dashiva> How's their blog doing? :)
52. # [00:12] * annevk needs some help with the CSSOM at some point
53. # [00:12] <Hixie> dashiva: Cameron McCormack
54. # [00:13] <Hixie> (sorry, took me a while to find his full name)
55. # [00:13] <annevk> Dashiva, that's updated quite frequently
56. # [00:19] * Parts: annevk (n=annevk@86.90.70.28)
57. # [00:21] * Quits: jgraham (n=jgraham@81-86-210-42.dsl.pipex.com) (Read error: 110 (Connection timed out))
58. # [00:21] * Joins: jgraham (n=jgraham@81-86-218-47.dsl.pipex.com)
59. # [00:22] <gsnedders> gsnedders: about the HTTP parsing spec…
60. # [00:22] <gsnedders> hober, Philip` ^^
61. # [00:22] <gsnedders> :)
62. # [00:24] * Quits: Dashiva (i=Dashiva@15.84-48-60.nextgentel.com)
63. # [00:30] * Joins: Dashiva (i=Dashiva@15.84-48-60.nextgentel.com)
64. # [00:36] * Quits: tndH (i=Rob@adsl-87-102-67-202.karoo.KCOM.COM) ("ChatZilla 0.9.78.1-rdmsoft [XULRunner 1.8.0.9/2006120508]")
65. # [00:55] * Hixie regens the spec
66. # [00:55] <Hixie> ok the update algorithm is written up if anyone cares
67. # [00:56] <Hixie> (around http://www.whatwg.org/specs/web-apps/current-work/#offline )
68. # [01:01] * Quits: mpt (n=mpt@canonical/launchpad/mpt) ("Leaving")
69. # [01:06] * othermaciej will need to read that
70. # [01:07] * othermaciej also needs to read the ES4 draft
71. # [01:07] <Hixie> there's a bunch of holes in the overall offline stuff, but the update algorithm is up
72. # [01:07] <Hixie> oh, is there an ES4 draft out?
73. # [01:07] <othermaciej> not publicly I don't think; I don't have a copy yet myself either
74. # [01:07] <Hixie> ah ok
75. # [01:07] * Joins: tantek (n=tantek@212.145.150.218)
76. # [01:10] * Joins: mpt (n=mpt@121-72-130-88.dsl.telstraclear.net)
77. # [01:18] <Hixie> we still need to pick a format for the manifest
78. # [01:18] <Hixie> i guess that's next on the todo list
79. # [01:21] <othermaciej> all available options suck
80. # [01:22] <Dashiva> The unavailable ones suck too :)
81. # [01:26] <othermaciej> why choose the lesser of two evils?
82. # [01:26] <othermaciej> I say go all out and base the syntax on ASN.1
83. # [01:26] <Hixie> dare i ask
84. # [01:26] <Dashiva> ASN.1 isn't so bad
85. # [01:28] <Hixie> i have three requirements so far:
86. # [01:28] <Hixie> * Has a magic signature
87. # [01:28] <Hixie> * Has a simple defined processing that is easy to test the error handling of
88. # [01:28] <Hixie> * Can express two lists of URIs and one mapping of prefixes to URIs
89. # [01:28] * Joins: jwalden (n=waldo@RANDOM-SEVENTY-TWO.MIT.EDU)
90. # [01:29] <Hixie> oh i and i suppose i should add "supports a comment syntax"
91. # [01:29] <othermaciej> the last requirement would rule out JSON, if it is truly a requirement
92. # [01:29] <othermaciej> leaving XML or ad-hoc plaintext format
93. # [01:29] <Hixie> i think it is, with big apps i can certainly imagine needing to comment which set of files is required for what
94. # [01:30] <Hixie> i mean, even my simple .htaccess files often end up quite well documented
95. # [01:30] <Dashiva> Let's use .htaccess then. mod_rewrite can handle the prefixes :D
96. # [01:54] * Quits: kingryan (n=kingryan@corp.technorati.com)
97. # [01:59] * Quits: othermaciej (n=mjs@17.255.96.78)
98. # [02:00] * Quits: billmason (n=billmaso@ip156.unival.com) (".")
99. # [02:11] * Joins: othermaciej (n=mjs@17.203.15.161)
100. # [02:16] * Joins: csarven (n=nevrasc@modemcable130.251-202-24.mc.videotron.ca)
101. # [02:48] * Quits: csarven (n=nevrasc@modemcable130.251-202-24.mc.videotron.ca) (Read error: 110 (Connection timed out))
102. # [03:00] * Joins: karlUshi (n=karl@dhcp-247-173.mag.keio.ac.jp)
103. # [03:10] * Quits: yod (n=ot@softbank221018155222.bbtec.net) ("Leaving")
104. # [03:22] * Quits: KevinMarks (i=KevinMar@nat/google/x-ba20fbfd1e4b50d4) ("The computer fell asleep")
105. # [03:37] * Quits: h3h (n=w3rd@66-162-32-234.static.twtelecom.net) ("|")
106. # [03:50] * Quits: BenWard (n=BenWard@87-194-62-78.bethere.co.uk) ("Fades out again…")
107. # [03:52] * Joins: KevinMarks (n=KevinMar@user-64-9-236-119.googlewifi.com)
108. # [03:58] * Quits: KevinMarks (n=KevinMar@user-64-9-236-119.googlewifi.com) ("The computer fell asleep")
109. # [03:59] * Quits: aroben (i=aroben@unaffiliated/aroben) (Read error: 104 (Connection reset by peer))
110. # [03:59] * Joins: aroben (i=aroben@unaffiliated/aroben)
111. # [04:26] * Joins: h3h (n=w3rd@cpe-76-88-44-219.san.res.rr.com)
112. # [04:39] <Hixie> if i have a section "cache" for files that have to be cached, what would you call the section for files that are whitelisted as being online only and should never be cached?
113. # [04:41] <othermaciej> online, live, network, notcached
114. # [04:42] <Hixie> http://junkyard.damowmow.com/297
115. # [04:45] <Hixie> http://www.whatwg.org/specs/web-apps/current-work/#manifests
116. # [04:48] <Hixie> i think i'm gonna go with "idea #3" there (the same as .../297) unless someone has a better idea by the time i get online next (probably an hour from now)
117. # [04:50] <tantek> consider reusing terminology from HTTP headers regarding caching?
118. # [04:50] <Hixie> like what?
119. # [04:51] <Hixie> i don't think http really has equivalent concepts
120. # [04:52] <tantek> no-cache ?
121. # [04:53] <Hixie> this isn't really about the resource not getting cached -- there are various ways in which it could get cached -- it's about the cache being bypassed when you do a request for the resource
122. # [04:53] <Hixie> the application cache, that is
123. # [04:53] <Hixie> the normal cache still gets hit
124. # [04:53] <tantek> http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
125. # [04:53] <Hixie> e.g. so that you can have a worked thread that talks to the server even from an "offline" application
126. # [04:53] <tantek> oh weird
127. # [04:54] <Hixie> worker thread, rather
128. # [04:54] <tantek> well I think from an HTTP perspective, they're just different caches
129. # [04:54] <Hixie> right
130. # [04:54] <tantek> like layers thereof
131. # [04:54] <tantek> proxies like
132. # [04:54] <Hixie> indeed
133. # [04:54] <tantek> so you should still be able to model it using HTTP, even if it is an "application cache"
134. # [04:56] <Hixie> well an application cache isn't really an http cache -- the whole point is that normally any resource will avoid the network if it's in the manifest, and any resource not in the manifest will immediately fail, unless it's on this whitelist, in which case it does normal http caching semantics on the browser's primary cache and uses the network if appropriate
135. # [04:56] <Hixie> no-cache means "bypass all caches"
136. # [04:56] <Hixie> which isn't what's going on here
137. # [04:56] <Hixie> i think maciej's "network" suggestion is probably best
138. # [04:56] <Hixie> anyway, gotta go
139. # [04:57] <Hixie> bbiab
140. # [05:10] * Joins: KevinMarks (n=KevinMar@c-76-102-254-252.hsd1.ca.comcast.net)
141. # [05:14] * Joins: MikeSmith (n=MikeSmit@203.155.34.120)
142. # [05:22] * Quits: MikeSmith (n=MikeSmit@203.155.34.120) (Read error: 104 (Connection reset by peer))
143. # [05:38] * Joins: MikeSmith (n=MikeSmit@203.155.34.120)
144. # [05:43] * Quits: mpt (n=mpt@121-72-130-88.dsl.telstraclear.net) ("This computer has gone to sleep")
145. # [05:46] * Joins: heycam (n=cam@clm-laptop.infotech.monash.edu.au)
146. # [05:50] * Joins: mpt (n=mpt@121-72-130-88.dsl.telstraclear.net)
147. # [06:02] * Quits: weinig (n=weinig@17.203.15.140)
148. # [06:03] * Quits: brodie (n=brodie@75.126.245.50) (Remote closed the connection)
149. # [06:10] * Quits: MikeSmith (n=MikeSmit@203.155.34.120) ("Less talk, more pimp walk.")
150. # [06:12] * Quits: aroben (i=aroben@unaffiliated/aroben) ("Leaving")
151. # [06:15] * Joins: MikeSmith (n=MikeSmit@203.155.34.120)
152. # [06:16] * Joins: weinig (n=weinig@c-67-169-182-231.hsd1.ca.comcast.net)
153. # [06:19] * Quits: weinig (n=weinig@c-67-169-182-231.hsd1.ca.comcast.net) (Read error: 104 (Connection reset by peer))
154. # [06:19] * Joins: weinig (n=weinig@c-67-169-182-231.hsd1.ca.comcast.net)
155. # [06:25] * Quits: jruderman (n=jruderma@corp-241.mountainview.mozilla.com)
156. # [06:52] * Joins: jruderman (n=jruderma@c-67-180-15-227.hsd1.ca.comcast.net)
157. # [07:01] * Joins: aroben (n=aroben@unaffiliated/aroben)
158. # [07:02] * Parts: doublec (n=doublec@202.180.114.137)
159. # [07:24] * Quits: MikeSmith (n=MikeSmit@203.155.34.120) ("Less talk, more pimp walk.")
160. # [07:25] * Joins: yod (n=ot@softbank221018155222.bbtec.net)
161. # [07:46] * Quits: hober (n=ted@unaffiliated/hober) ("ERC Version 5.3 (devel) (IRC client for Emacs)")
162. # [08:00] * Quits: othermaciej (n=mjs@17.203.15.161)
163. # [08:14] * Joins: MikeSmith (n=MikeSmit@203.155.34.120)
164. # [08:27] * Quits: jwalden (n=waldo@RANDOM-SEVENTY-TWO.MIT.EDU) ("ChatZilla 0.9.78.1-rdmsoft [XULRunner 1.8.0.9/2006120508]")
165. # [08:42] * Quits: aroben (n=aroben@unaffiliated/aroben) (Read error: 104 (Connection reset by peer))
166. # [08:43] * Quits: tantek (n=tantek@212.145.150.218)
167. # [08:48] * Joins: aroben (n=adamrobe@c-67-160-250-192.hsd1.ca.comcast.net)
168. # [09:05] * Quits: KevinMarks (n=KevinMar@c-76-102-254-252.hsd1.ca.comcast.net) ("biab")
169. # [09:08] * Joins: annevk (n=annevk@86.90.70.28)
170. # [09:19] * Joins: KevinMarks (n=Snak@c-76-102-254-252.hsd1.ca.comcast.net)
171. # [09:31] * Joins: peepo (n=Jay@host86-153-137-94.range86-153.btcentralplus.com)
172. # [09:43] * Quits: karlUshi (n=karl@dhcp-247-173.mag.keio.ac.jp) ("Where dwelt Ymir, or wherein did he find sustenance?")
173. # [09:56] * Quits: h3h (n=w3rd@cpe-76-88-44-219.san.res.rr.com)
174. # [09:59] * Quits: aroben (n=adamrobe@unaffiliated/aroben)
175. # [10:12] * Joins: tantek (n=tantek@cm-staticIP-85-152-41-19.telecable.es)
176. # [10:13] * Joins: tantek_ (n=tantek@cm-staticIP-85-152-41-20.telecable.es)
177. # [10:16] * Quits: heycam (n=cam@clm-laptop.infotech.monash.edu.au) (Read error: 110 (Connection timed out))
178. # [10:30] * Quits: tantek (n=tantek@cm-staticIP-85-152-41-19.telecable.es) (Read error: 110 (Connection timed out))
179. # [10:31] <hsivonen> should I expect datatemplates to be stable enough to start working on conformance checking them?
180. # [10:32] * Joins: Ducki (n=Ducki@nrdh-d9b980c3.pool.mediaWays.net)
181. # [10:33] * Joins: heycam (n=cam@203-214-114-92.dyn.iinet.net.au)
182. # [10:37] <hsivonen> "The contents of rule elements form a template, and may be anything that, when the parent datatemplate is applied to some conforming data, results in a conforming DOM tree." is that supposed to be machine-checkable?
183. # [10:39] <annevk> I guess it is, but it seems rather tricky as it may involve additional requests, etc.
184. # [10:39] <hsivonen> also, it involves computing all possible context trees for a selector...
185. # [10:41] <annevk> isn't that infinite most of the time?
186. # [10:41] <annevk> '*'
187. # [10:41] <hsivonen> gotta love how a "small" change can totally break fundamental assumptions about the nature of computations for conformance checking...
188. # [10:41] <hsivonen> annevk: obviously, enumerating the trees is futile
189. # [10:42] <hsivonen> I haven't yet figured out what problem data templates solve
190. # [10:42] <hsivonen> on the first look it seems like XSLT lite with Selectors instead of XPath
191. # [10:43] <annevk> I'm not sure either, although I'm told it likely replaces repetition templates and looks like XUL templating but simpler
192. # [10:45] <hsivonen> this stuff looks much harder to grok than repetition templates
193. # [10:46] <hsivonen> "When an element has a template attribute but no ref attribute, the element may, instead of its usual content model, have a single element of any kind. That element is then used as the root node of the data for the template." aargh
194. # [10:47] * Joins: ROBOd (n=robod@89.122.216.38)
195. # [10:47] <annevk> You slowly begin to understand why Hixie advocates a no-schema approach
196. # [10:48] <hsivonen> annevk: well, I guess he has more knowledge of what kind of radical changes he is going to pull off
197. # [10:48] <annevk> true
198. # [10:48] <hsivonen> annevk: earlier, analyzing the spec and deciding to use RELAX NG was a reasonable choice
199. # [10:48] <annevk> http://developer.mozilla.org/en/docs/XUL_Tutorial:Templates has an intro to XUL templates that seems to map to <datatemplatE> and co
200. # [10:50] <annevk> with a complex structure it should be possible to generate your weblog out of your Atom feed, as I understand it :)
201. # [10:51] <annevk> this saves some templates on the server side, but is probably a nightmare for search engines and older clients...
202. # [10:53] <hsivonen> I'm fine with certain things being left to the server side
203. # [10:54] <hsivonen> server side means that all sites don't need to buy in to the same solutions and can be updated out of sync and can explore stuff without browser cooperation
204. # [10:54] * Joins: zcorpan (n=zcorpan@pat.se.opera.com)
205. # [10:54] <annevk> maybe there are more convincing use cases
206. # [10:55] <hsivonen> Hixie: are data templates *really* supposed to work inline or do you expect people to use XML templates by reference anyway?
207. # [10:55] <hsivonen> I mean inline in text/html
208. # [10:55] <annevk> I suppose it helps in the cases where you don't have a server, as in offline applications
209. # [10:55] <hsivonen> I'm sensing some serious scope creep here
210. # [10:56] <annevk> Although writing some JavaScript to do the same might not be too hard
211. # [10:56] <hsivonen> I feel like sending a dozen emails, but I don't want to stir it on public-html up front
212. # [10:56] <annevk> e-mail whatwg@whatwg.org ?
213. # [10:57] <annevk> and say it's important as you're planning to implement
214. # [10:57] <hsivonen> yeah, when I have smart questions to ask, I'll probably take the whatwg route
215. # [10:59] * Joins: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es)
216. # [11:02] * Joins: virtuelv (n=virtuelv@pat-tdc.opera.com)
217. # [11:02] <jgraham> FWIW I think Hyatt suggested the datatemplate thing
218. # [11:02] <zcorpan> "Most mobile browsers do not support everything HTML defines. Our experience is that XHTML Basic delivered with application/xhtml+xml is more likely to result in a functional user experience than other combinations." -- http://lists.w3.org/Archives/Public/public-bpwg-comments/2007OctDec/0012.html
219. # [11:05] <annevk> sounds like bs
220. # [11:05] <hsivonen> I must be living in some parallel universe where I carry a Gecko-based browser, a WebKit-based browsers and three Opera-based browsers on my person when I go out
221. # [11:05] <annevk> although maybe they can give some pointers to research they've done in that area, that counters yours
222. # [11:06] <annevk> and even then WebKit would get the encoding wrong :p
223. # [11:06] * Quits: tantek_ (n=tantek@cm-staticIP-85-152-41-20.telecable.es) (Read error: 110 (Connection timed out))
224. # [11:09] * Joins: tantek_ (n=tantek@cm-staticIP-85-152-41-19.telecable.es)
225. # [11:10] <Philip`> hsivonen: From what I've seen, inline text/html datatemplates appear to have extremely limited uses, since you can't use any interesting HTML elements in them without breaking in HTML5 UAs and in pre-HTML5 UAs
226. # [11:13] <hsivonen> Philip`: if that's true, I don't like inline datatemplates
227. # [11:23] <annevk> more on XUL templates: http://www.jerf.org/resources/xblinjs/whyNotMozilla/notXulTemplates.html
228. # [11:25] <Philip`> (At least the <select><nest></select> is broken by HTML5 parsers in http://philip.html5.org/demos/datatemplate/experimental/002.html - not sure if there are other problems there)
229. # [11:26] * annevk would expect that the parsing rules are modified at some point
230. # [11:26] <annevk> for <select> you can use a data= attribute btw that points to an external XML file
231. # [11:26] <annevk> although then you'd have to do the templating on the server side
232. # [11:27] <Philip`> If the contents of <datatemplate> doesn't get parsed like normal HTML, it'd seem even weirder to have it inline in HTML documents
233. # [11:28] * Quits: peepo (n=Jay@host86-153-137-94.range86-153.btcentralplus.com) ("later")
234. # [11:30] * Quits: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es) (Read error: 110 (Connection timed out))
235. # [11:33] * Joins: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es)
236. # [11:34] * Quits: tantek_ (n=tantek@cm-staticIP-85-152-41-19.telecable.es) (Read error: 110 (Connection timed out))
237. # [11:44] * Quits: KevinMarks (n=Snak@c-76-102-254-252.hsd1.ca.comcast.net) (Read error: 110 (Connection timed out))
238. # [12:04] * Quits: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es) (Read error: 104 (Connection reset by peer))
239. # [12:07] * Joins: Ducki_ (i=Ducki@nrdh-d9b9806f.pool.mediaWays.net)
240. # [12:09] * Joins: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es)
241. # [12:13] * Quits: Ducki (n=Ducki@nrdh-d9b980c3.pool.mediaWays.net) (Read error: 110 (Connection timed out))
242. # [12:18] * annevk didn't know you could specify 'Content-Type:text/html (this is a meaningless comment)' in HTTP
243. # [12:18] * annevk wonders if it actually works
244. # [12:25] <zcorpan> annevk: seems to work in opera but not mozilla, testing with a data: uri
245. # [12:26] <zcorpan> safari for windows crashed
246. # [12:30] <hsivonen> comments in protocol don't make sense to me
247. # [12:30] <hsivonen> it's not like humans are supposed to talk HTTP by hand and other humans supposed to read it
248. # [12:31] <annevk> maybe for debugging purposes?
249. # [12:31] <annevk> seems that the old specs are hopelessly out of data though
250. # [12:31] * annevk is reading through RFC2045 and 2046
251. # [12:32] <annevk> all subtypes of "text" must use CRLF as newline delimiter
252. # [12:32] <hsivonen> annevk: well, to me it looks like comments are yet another thing to debug
253. # [12:32] <hsivonen> haha
254. # [12:32] <annevk> this is false for all text subtypes I know
255. # [12:32] <hsivonen> yeah
256. # [12:32] <hsivonen> except in email
257. # [12:33] <hsivonen> CRLF is one of the worst ideas ever in text processing
258. # [12:33] * Joins: maikmerten (n=maikmert@Lbca7.l.pppool.de)
259. # [12:34] * annevk was reading this because Hixie is defining a format that ignores RFC 2046 in two ways: it uses LF as newline delimiter and UTF-8 is the encoding
260. # [12:35] <zcorpan> which format is that?
261. # [12:37] <annevk> it's part of #offline for caching
262. # [12:37] <zcorpan> the manifest thing?
263. # [12:38] <annevk> yeah
264. # [12:38] <annevk> hmm, the default media type in case Content-Type is bogus or absent is 'text/plain; charset=us-ascii'
265. # [12:39] <annevk> (to be fair, all this is from 1996)
266. # [12:42] <virtuelv> annevk: url for Hixie's spec?
267. # [12:42] <annevk> it's part of HTML5
268. # [12:42] <zcorpan> http://www.whatwg.org/specs/web-apps/current-work/#offline
269. # [12:43] <annevk> zcorpan, allowing comments in data: URIs types is a bug per the data URI specification it seems
270. # [12:43] <zcorpan> annevk: ok
271. # [12:44] <annevk> it defines mediatype itself as '[ type "/" subtype ] *( ";" parameter )'
272. # [12:46] <hsivonen> HTTP matters so much more than SMTP for the transfer of novel types.
273. # [12:46] * zcorpan likes idea #3 better than the other two ideas
274. # [12:47] <hsivonen> we should repeal the old MIME RFCs and write new specs that are sane for HTTP and have exceptions for the SMTP legacy
275. # [12:47] * Quits: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es) (Read error: 110 (Connection timed out))
276. # [12:47] <zcorpan> why can't the manifest have the mime type text/plain ?
277. # [12:48] <annevk> so that text/plain does not have to be sniffed?
278. # [12:49] <annevk> hsivonen, the problem is the amount of work
279. # [12:49] <zcorpan> you'd only sniff it if it was referenced from <html application="...">, no?
280. # [12:49] <zcorpan> s/sniff/process/
281. # [12:50] <annevk> hmm, maybe
282. # [12:51] <zcorpan> just like e.g. a css style sheet doesn't do anything if you view it directly
283. # [12:53] <annevk> i don't think I care much either way
284. # [12:54] <annevk> using a MIME type is less likely to upset people though and doesn't cost much
285. # [12:54] <annevk> and if it doesn't work out it can always be obsoleted
286. # [12:55] <zcorpan> from a practical point of view -- what file extension will you use? does apache have a mapping for that file extension?
287. # [12:55] <zcorpan> we might end up having authors use all of text/cache-manifest, text/plain and text/html etc
288. # [12:56] <zcorpan> and browsers will have to support all of those or perhaps even ignore the content-type altogether
289. # [12:56] <zcorpan> which seems worse than to just use text/plain
290. # [12:57] <annevk> ignoring content-type information seems like an acceptable loss to me
291. # [12:57] <zcorpan> ok, but what's the win of saying text/cache-manifest over text/plain?
292. # [12:58] <annevk> it doesn't upset people who care about this, or upsets them less
293. # [13:00] <annevk> (re: data URLs, they need to be updated too to be clear about fragment identifiers and that percent encoded URIs are always interpreted as UTF-8 (iirc))
294. # [13:01] <zcorpan> i don't see a difference here from xbl using application/xml instead of application/xbl+xml
295. # [13:01] <annevk> all XML is processed the same way, text subtypes are process differently
296. # [13:01] <hsivonen> FWIW, it suck rather badly for developers that application/json triggers download behavior (at least in Firefox) if you try to view directly
297. # [13:01] <annevk> e.g. text/html vs text/css
298. # [13:02] <hsivonen> sucks even
299. # [13:02] <annevk> JSON doesn't need a Content-Type really...
300. # [13:02] <zcorpan> annevk: the problem was that saying application/xbl+xml is likely to result in mislabeled content, and the same applies to text/cache-manifest
301. # [13:02] <hsivonen> also, .rng and .rnc don't really benefit from non-text/plain content types
302. # [13:03] <hsivonen> since people who view those types directly want to see them as text
303. # [13:04] <annevk> zcorpan, that was not the only argument
304. # [13:04] <annevk> but sure
305. # [13:04] * annevk doesn't care much
306. # [13:06] <hsivonen> in general, it seems to me that only document formats (plain text, HTML, PDF, ODF, etc.) should have authoritative types
307. # [13:06] * Joins: tantek (n=tantek@cm-staticIP-85-152-41-19.telecable.es)
308. # [13:06] <hsivonen> and style sheet, schemas, scripts, auxiliary data files, etc. would be better without
309. # [13:07] <hsivonen> the test should be "Do end users who aren't debugging want to load this in the a browsing context?"
310. # [13:07] <hsivonen> Yes => typed. No => untyped
311. # [13:19] * Quits: MikeSmith (n=MikeSmit@203.155.34.120) (Read error: 110 (Connection timed out))
312. # [13:21] <annevk> btw, prompting for text/unknown is wrong in theory
313. # [13:25] <virtuelv> Hm. I'd probably like to see the offline manifest as JSON instead
314. # [13:25] <annevk> see #whatwg archives
315. # [13:25] <annevk> JSON was too complex with too many edge cases
316. # [13:26] <virtuelv> ok
317. # [13:26] <annevk> XML even more so
318. # [13:27] <virtuelv> goes without saying
319. # [13:58] <hsivonen> what's matchAll() or getElementsBySelector() called today?
320. # [13:58] * hsivonen isn't following the naming debate anymore
321. # [13:59] <annevk> querySelector() and querySelectorAll()
322. # [14:00] <hsivonen> thanks
323. # [14:02] * Joins: tndH (i=Rob@adsl-87-102-67-202.karoo.KCOM.COM)
324. # [14:02] * Quits: Ducki_ (i=Ducki@nrdh-d9b9806f.pool.mediaWays.net) (Read error: 113 (No route to host))
325. # [14:08] * Quits: tantek (n=tantek@cm-staticIP-85-152-41-19.telecable.es)
326. # [14:13] * Joins: annevk2 (n=annevk@86.90.70.28)
327. # [14:16] <hsivonen> I thought JSON had Draconian failure on error without edge cases
328. # [14:31] <zcorpan> is there a way to make non-html elements focusable?
329. # [14:32] <zcorpan> html:role is pretty useless otherwise
330. # [14:33] <zcorpan> unless we say e.g. that html:role makes the element focusable in and of itself
331. # [14:33] * Joins: dev0 (i=Tobias@unaffiliated/icefox0)
332. # [14:36] <annevk2> SVG has focusable=
333. # [14:37] * Quits: annevk (n=annevk@86.90.70.28) (Read error: 110 (Connection timed out))
334. # [14:57] * Joins: BenWard (n=BenWard@dip5-fw.corp.ukl.yahoo.com)
335. # [15:02] * Quits: virtuelv (n=virtuelv@pat-tdc.opera.com) ("Leaving")
336. # [15:04] * Joins: virtuelv (n=virtuelv@pat-tdc.opera.com)
337. # [15:38] * Quits: BenWard (n=BenWard@dip5-fw.corp.ukl.yahoo.com)
338. # [15:45] * zcorpan looks at svg mobile 1.2
339. # [15:45] <zcorpan> <circle cx="300" cy="225" r="100" fill="red">
340. # [15:45] <zcorpan> <handler type="application/ecmascript" ev:event="DOMActivate"> change(evt); </handler>
341. # [15:45] <zcorpan> </circle>
342. # [15:46] <zcorpan> what's wrong with <circle ... onclick="chance(event)"/> ?
343. # [15:46] <zcorpan> s/chance/change/
344. # [15:47] <zcorpan> http://www.w3.org/TR/SVGMobile12/interact.html#UIEvents
345. # [15:47] <annevk2> XML Events seemed like the way forward or something
346. # [15:48] <zcorpan> seem just more verbose to me
347. # [15:50] <virtuelv> zcorpan: I presume that someone foresaw a future where javascript was dead
348. # [15:50] <virtuelv> <handler type="application/x-brainfuck" ev:event="DOMActivate"> change(evt); </handler>
349. # [15:50] <annevk2> zcorpan, yes, formal objections to that effect have been raised and subsequently ignored iirc
350. # [16:05] <zcorpan> right
351. # [16:05] <zcorpan> still, Content-Script-Type could solve that the day another script type becomes evident
352. # [16:06] <zcorpan> as specced in html4 ten years ago
353. # [16:08] * Joins: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es)
354. # [16:16] * Parts: Kuruma (n=Kuruman@h123-176-107-050.catv01.catv-yokohama.ne.jp)
355. # [16:19] * Quits: yod (n=ot@softbank221018155222.bbtec.net) ("Leaving")
356. # [16:20] <annevk2> I wonder how many servers have bogus values for that header
357. # [16:20] <annevk2> and for the style equivalent header for that matter
358. # [16:23] <zcorpan> i've seen the headers in the wild but not with bogus values
359. # [16:24] <zcorpan> i think some versions of firefox respect them
360. # [16:29] * Joins: dev0_ (i=Tobias@dslb-088-076-242-249.pools.arcor-ip.net)
361. # [16:31] * Joins: billmason (n=billmaso@ip156.unival.com)
362. # [16:41] * Joins: Ducki (i=Ducki@nrdh-d9b98352.pool.mediaWays.net)
363. # [16:47] * Quits: dev0 (i=Tobias@unaffiliated/icefox0) (Read error: 110 (Connection timed out))
364. # [16:53] * Quits: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es) (Read error: 104 (Connection reset by peer))
365. # [17:03] * Joins: tantek (n=tantek@cm-staticIP-85-152-41-19.telecable.es)
366. # [17:13] * Quits: Ducki (i=Ducki@nrdh-d9b98352.pool.mediaWays.net) (Read error: 113 (No route to host))
367. # [17:22] * Quits: virtuelv (n=virtuelv@pat-tdc.opera.com) ("Leaving")
368. # [17:26] * Quits: maikmerten (n=maikmert@Lbca7.l.pppool.de) (Read error: 104 (Connection reset by peer))
369. # [17:27] * Joins: tantek_ (n=tantek@cm-staticIP-85-152-41-19.telecable.es)
370. # [17:28] * Quits: tantek (n=tantek@cm-staticIP-85-152-41-19.telecable.es) (Read error: 104 (Connection reset by peer))
371. # [17:39] * Joins: KevinMarks (n=KevinMar@98.207.134.151)
372. # [17:44] * Joins: maikmerten (n=maikmert@Lb866.l.pppool.de)
373. # [17:44] * Joins: h3h (n=w3rd@cpe-76-88-44-219.san.res.rr.com)
374. # [17:50] * Quits: tantek_ (n=tantek@cm-staticIP-85-152-41-19.telecable.es) (Read error: 110 (Connection timed out))
375. # [17:51] * Quits: KevinMarks (n=KevinMar@98.207.134.151) ("The computer fell asleep")
376. # [17:54] * Joins: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es)
377. # [18:14] * Joins: BenWard (n=BenWard@87-194-62-78.bethere.co.uk)
378. # [18:15] * Quits: h3h (n=w3rd@cpe-76-88-44-219.san.res.rr.com)
379. # [18:17] * Joins: BenneWarde (n=BenWard@dip5-fw.corp.ukl.yahoo.com)
380. # [18:29] * Quits: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es) (Read error: 104 (Connection reset by peer))
381. # [18:29] * Joins: aroben (n=adamrobe@17.203.15.154)
382. # [18:30] * Joins: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es)
383. # [18:32] <Hixie> hsivonen: i'll be online in about 2 hours and can reply to any datatemplate questions
384. # [18:33] <Hixie> hsivonen: in brief: not expected to be used inline in html; didn't expect machine checkable to actually apply the templates
385. # [18:33] <Hixie> hsivonen: did expect validators to at least check that there was one context in which all the children of the <rule> element could theoretically be valid together
386. # [18:34] <Hixie> hsivonen: datatemplate is basically expected to replace the repetition construct stuff; i'm not convinced that repetition blocks are easier, i actually think datatemplates are easier
387. # [18:35] <Hixie> zcorpan: text/plain isn't a manifest. while we're pretending that content-type still exists, we should at least try to honour its concepts
388. # [18:35] * Quits: BenWard (n=BenWard@87-194-62-78.bethere.co.uk) (Read error: 110 (Connection timed out))
389. # [18:36] <zcorpan> Hixie: ok. i don't expect it to actually work though
390. # [18:37] * Quits: jruderman (n=jruderma@c-67-180-15-227.hsd1.ca.comcast.net)
391. # [18:46] * Quits: weinig (n=weinig@c-67-169-182-231.hsd1.ca.comcast.net)
392. # [18:48] * Joins: h3h (n=w3rd@66-162-32-234.static.twtelecom.net)
393. # [18:52] * Joins: othermaciej (n=mjs@dsl081-048-145.sfo1.dsl.speakeasy.net)
394. # [18:58] * Joins: Ducki (n=Ducki@nrdh-d9b980dd.pool.mediaWays.net)
395. # [19:00] * Joins: weinig (n=weinig@17.203.15.140)
396. # [19:03] * Quits: tantek (n=tantek@cm-staticIP-85-152-41-1.telecable.es) (Read error: 110 (Connection timed out))
397. # [19:04] * Joins: jruderman (n=jruderma@corp-241.mountainview.mozilla.com)
398. # [19:13] * Quits: annevk2 (n=annevk@86.90.70.28)
399. # [19:14] * Joins: annevk2 (n=annevk@86.90.70.28)
400. # [19:19] * Joins: tantek (n=tantek@212.145.150.218)
401. # [19:42] * Quits: othermaciej (n=mjs@dsl081-048-145.sfo1.dsl.speakeasy.net)
402. # [19:43] * Joins: peepo (n=Jay@host86-153-137-94.range86-153.btcentralplus.com)
403. # [19:44] * Joins: virtuelv (n=virtuelv@51.80-203-76.nextgentel.com)
404. # [19:44] * Quits: peepo (n=Jay@host86-153-137-94.range86-153.btcentralplus.com) (Client Quit)
405. # [19:44] * Joins: othermaciej (n=mjs@dsl081-048-145.sfo1.dsl.speakeasy.net)
406. # [19:45] * Joins: peepo (n=Jay@host86-153-137-94.range86-153.btcentralplus.com)
407. # [19:45] * Quits: othermaciej (n=mjs@dsl081-048-145.sfo1.dsl.speakeasy.net) (Client Quit)
408. # [19:55] * Joins: aaronlev (n=chatzill@static-68-236-126-89.bos.east.verizon.net)
409. # [20:01] * Joins: Ducki_ (n=Ducki@nrdh-d9b98071.pool.mediaWays.net)
410. # [20:03] * Quits: annevk2 (n=annevk@86.90.70.28) (Read error: 110 (Connection timed out))
411. # [20:03] * Joins: annevk2 (n=annevk@86.90.70.28)
412. # [20:12] <annevk2> got to love that the XHTML2 WG is public now: "there is actual money value in efficiency boost by using XML and namespacing; tag soup devalues and compromises accessibility"
413. # [20:13] <annevk2> also, "GJR: XBL draft dangersously underspecified"
414. # [20:14] <zcorpan> annevk2: pointers?
415. # [20:14] <annevk2> http://www.w3.org/2007/10/03-xhtml-minutes.html#item03
416. # [20:15] <annevk2> there's also some stuff about the non-namespaced role= solution not being forward-looking
417. # [20:15] * annevk2 is now known as annevk
418. # [20:17] <zcorpan> ah, they discussed aria
419. # [20:17] * zcorpan reads
420. # [20:19] * Joins: aaron (n=chatzill@static-68-236-126-89.bos.east.verizon.net)
421. # [20:22] <Hixie> zcorpan: well, the spec currently says to bail if the mime type doesn't match. but we'll see. :-)
422. # [20:23] * Quits: Ducki (n=Ducki@nrdh-d9b980dd.pool.mediaWays.net) (Read error: 113 (No route to host))
423. # [20:25] <zcorpan> Hixie: yep :)
424. # [20:26] <Hixie> "XBL draft dangersously underspecified"?
425. # [20:26] <Hixie> who's GJR? i should ask him for feedback
426. # [20:26] <annevk> It's Gregory
427. # [20:26] <Hixie> aha, gregory
428. # [20:27] <annevk> pm'd you contact info in case you don't have it
429. # [20:28] <zcorpan> i can't extract actual feedback on the aria proposal form the minutes
430. # [20:29] <Hixie> hey dreamhost fixed my jabber problem at last
431. # [20:32] <annevk> Hixie, maybe you could add examples to <datatemplate> that illustrate how it replaces repetition templates and such?
432. # [20:33] <Hixie> man, have you seen these minutes? http://www.w3.org/2007/10/03-xhtml-minutes.html#item02
433. # [20:33] <Hixie> "WG decided to declare victory -- text/html is the media type, that's that -- then we thought better of it and switched it back"
434. # [20:33] <Hixie> there are so many things wrong with that... i don't know where to start
435. # [20:33] <Hixie> annevk: yeah, i need to fill in the intro section
436. # [20:37] <Hixie> right. asked him for feedback. hopefully he can send me links to the underspecified parts, so i can fix them.
437. # [20:38] * Quits: aaronlev (n=chatzill@static-68-236-126-89.bos.east.verizon.net) (Read error: 110 (Connection timed out))
438. # [20:38] <annevk> oh lol, role= will depend on CURIEs
439. # [20:38] <Hixie> what's a curie again? i thought it was a unit of radiation.
440. # [20:39] <annevk> per the XHTML2 WG it's an abbreviation of URIs
441. # [20:39] <Hixie> ah
442. # [20:39] <gavin_> abbreviations aren't usually longer than the word they're abbreviating
443. # [20:39] <annevk> foo:bar expands into http://example.org/#bar if foo is bound to http://example.org/#
444. # [20:40] <Hixie> ah so it's a qualified name?
445. # [20:40] <zcorpan> no
446. # [20:40] <annevk> qualified names don't expand into URIs
447. # [20:40] <annevk> they expand into a namespace local-name tuple
448. # [20:41] <Hixie> {http://www.example.org/#, bar} and http://example.org/#bar seem the same to me, except for some syntactic details
449. # [20:41] * Joins: kingryan (n=kingryan@corp.technorati.com)
450. # [20:42] <annevk> it's also that bar in this example is no longer restricted to a being a NCName
451. # [20:43] <annevk> seems quite trivial these days to register MIME types btw
452. # [20:44] <Hixie> lordy, whatwg seems to be taking up the slack now that public-html has stopped being high-traffic
453. # [20:45] <annevk> e-mail on the whatwg list or something else?
454. # [20:45] <Hixie> yes
455. # [20:46] * Quits: jruderman (n=jruderma@corp-241.mountainview.mozilla.com)
456. # [20:46] * Quits: aaron (n=chatzill@static-68-236-126-89.bos.east.verizon.net) (Read error: 113 (No route to host))
457. # [20:47] <annevk> hmm, which e-mail?
458. # [20:47] <Hixie> i just mean that as traffic to public-html has gone down, traffic to whatwg has gone up
459. # [20:48] <annevk> oh
460. # [20:48] <Hixie> hsivonen: re how do we avoid <datatemplate> turning into a programming language: i think we'll define escaping to JS in the first version. i'm just not sure what the syntax should be yet.
461. # [21:00] * Joins: jruderman (n=jruderma@corp-241.mountainview.mozilla.com)
462. # [21:03] * Quits: peepo (n=Jay@host86-153-137-94.range86-153.btcentralplus.com) ("later")
463. # [21:08] * Joins: KevinMarks (i=KevinMar@nat/google/x-a6c1ffb85b76b22d)
464. # [21:16] * Quits: tantek (n=tantek@212.145.150.218)
465. # [21:21] <Hixie> ah, apparently gregory didn't mean what he minuted about xbl
466. # [21:26] * Quits: zcorpan (n=zcorpan@pat.se.opera.com) (Read error: 110 (Connection timed out))
467. # [21:31] * Quits: BenneWarde (n=BenWard@dip5-fw.corp.ukl.yahoo.com)
468. # [21:34] * Quits: maikmerten (n=maikmert@Lb866.l.pppool.de) ("Leaving")
469. # [21:36] * Joins: aaron (n=chatzill@m935f36d0.tmodns.net)
470. # [21:36] * aaron is now known as aaronlev
471. # [21:45] * Joins: tantek (n=tantek@212.145.150.218)
472. # [22:02] * Joins: othermaciej (n=mjs@17.203.15.174)
473. # [22:08] * Joins: weinig_ (n=weinig@17.255.97.99)
474. # [22:11] * Quits: ozamosi (n=ozamosi@unaffiliated/ozamosi) (Read error: 110 (Connection timed out))
475. # [22:16] * Quits: weinig_ (n=weinig@17.255.97.99)
476. # [22:18] * Quits: aaronlev (n=chatzill@m935f36d0.tmodns.net) (Read error: 110 (Connection timed out))
477. # [22:18] * Joins: weinig_ (n=weinig@17.255.97.99)
478. # [22:20] * Quits: othermaciej (n=mjs@17.203.15.174) (Read error: 110 (Connection timed out))
479. # [22:21] * Quits: Ducki_ (n=Ducki@nrdh-d9b98071.pool.mediaWays.net) (Read error: 113 (No route to host))
480. # [22:22] * Quits: weinig (n=weinig@17.203.15.140) (Read error: 110 (Connection timed out))
481. # [22:24] * Joins: weinig (n=weinig@17.203.15.140)
482. # [22:40] * Quits: weinig_ (n=weinig@17.255.97.99) (Read error: 110 (Connection timed out))
483. # [22:46] * Joins: othermaciej (n=mjs@17.255.97.100)
484. # [22:50] * Quits: othermaciej (n=mjs@17.255.97.100) (Client Quit)
485. # [22:50] * Joins: othermaciej (n=mjs@17.255.97.100)
486. # [22:55] * Quits: ROBOd (n=robod@89.122.216.38) ("http://www.robodesign.ro")
487. # [23:05] * annevk addresses some comments from Hixie on access-control
488. # [23:13] * Quits: virtuelv (n=virtuelv@51.80-203-76.nextgentel.com) ("Leaving")
489. # [23:21] * Joins: doublec (n=doublec@202.180.114.137)
490. # [23:24] <Hixie> annevk: changing the port defaults, or the other one?
491. # [23:24] * Quits: dev0_ (i=Tobias@unaffiliated/icefox0) ("dev0_ has no reason")
492. # [23:28] <annevk> the other
493. # [23:28] <annevk> I tend to agree with port defaults, but I'd like to wait for the Mozilla folks to give feedback first
494. # [23:29] <annevk> based on their feedback it's like it's now
495. # [23:29] <Hixie> k
496. # [23:29] <Hixie> (i guarentee that it will lead to security holes if we don't fix it, but i agree that we should consult with the browser vendors)
497. # [23:30] <annevk> mozilla unfixed it :)
498. # [23:30] * Joins: aaronlev (n=chatzill@146-115-126-114.c3-0.arl-ubr1.sbo-arl.ma.cable.rcn.com)
499. # [23:30] <annevk> maybe we should just have a wildcard for port
500. # [23:30] <annevk> http://example.org:*
501. # [23:31] <Hixie> seems better than defaulting wild, yeah
502. # [23:31] <annevk> the 99% case will likely be just <*> though
503. # [23:32] <Hixie> no
504. # [23:32] <Hixie> the 99% case will be 80.
505. # [23:32] <Hixie> in only very few cases would you do it to anything but 80
506. # [23:32] <Hixie> almost all cases where you talk to a non-80 port, there'll be something fishy going on
507. # [23:32] <annevk> if you bring this back to use cases, fair enough
508. # [23:33] <Hixie> the security issue is pretty drastic
509. # [23:33] <Hixie> you yourself are vulnerable
510. # [23:33] <Hixie> philip` could impersonate zcorpan on html5.org, for example (assuming they both have separate use accounts to the same machine)
511. # [23:34] <Hixie> if you and i were hosted on the same shared dreamhost machine, i could trivially run a web host at annevankesteren.nl:9999
512. # [23:34] <annevk> yeah, I understood that from your e-mail
513. # [23:34] <annevk> quite annoying
514. # [23:35] <Hixie> no argument from me there
515. # [23:35] <annevk> what I've heard from others and what seems likely though is that the most common case will be <*>
516. # [23:35] <Hixie> why?
517. # [23:36] * Hixie only very rarely seens non-80 HTTP traffic
518. # [23:36] <Hixie> sees
519. # [23:36] <annevk> no, I mean Access-Control: allow <*>
520. # [23:37] <Hixie> ah
521. # [23:37] <Hixie> yeah, that case should still have wildcard port
522. # [23:37] <Hixie> and yeah, it'll be quite common
523. # [23:37] <annevk> the <example.org> case will have wildcard as well right?
524. # [23:37] <annevk> or do we want that to be a shorthand for http://example.org:80
525. # [23:38] <Hixie> if you don't have a scheme, you'd have to make it wildcard, i'd guess
526. # [23:38] <Hixie> unless you default the scheme, but that seems bad
527. # [23:38] <annevk> requiring authors to type <*://example.org:*> or something like that...
528. # [23:38] <Hixie> if the scheme is "*" then i think defaulting the port to "*" would be fine
529. # [23:38] <Hixie> really all i'm saying is that "http" implies a port, so when you have that port implication, it shouldn't default to wild
530. # [23:39] <annevk> i guess that's fair enough
531. # [23:51] <annevk> Hixie, btw, is it really that dangerous? as this is mostly to protect information leakage from the intranet, after all
532. # [23:52] <annevk> maybe I'm missing something
533. # [23:54] <Hixie> yes
534. # [23:55] <Hixie> let http://example.com/ be user-authentication (by cookie or http) and let it host some user-sensitive data
535. # [23:55] <Hixie> user-authenticated, that is
536. # [23:56] <Hixie> let http://affiliate.invalid/ be a separate organisation that has an agreement with example.com to use the user-sensitive data
537. # [23:56] <Hixie> example.com's data is only accessible to UAs that are logged in to example.com, and to scripts running in example.com's domain and affiliate.invalid's domain.
538. # [23:57] <Hixie> now let http://evil.example.net/ be an unrelated evil organisation that happens to be hosted on the same IP as affiliate.invalid
539. # [23:57] <Hixie> the http://evil.example.net/ organisation can host content at http://affiliate.invalid:9999/ that can now access http://example.com/'s data when a user is sent to http://affiliate.invalid:9999/ (e.g. by phishing)
540. # [23:57] <Hixie> btw, this is the kind of thing that the security section should be discussing in detail
541. # [23:58] <Hixie> and is why security sections are important
542. # [23:58] <annevk> so the problem is that it's unclear whether authentication and cookies are actually supported
543. # [23:58] <annevk> to me, anyway
544. # [23:59] <Hixie> how do you mean?
545. # [23:59] <annevk> cookies don't go in outgoing requests iirc and you can't specify user/password either
546. # Session Close: Thu Oct 04 00:00:00 2007

The end :)