/irc-logs / freenode / #whatwg / 2008-10-03 / end

Options:

1. # Session Start: Fri Oct 03 00:00:00 2008
2. # Session Ident: #whatwg
3. # [00:00] <sicking> in the product
4. # [00:00] <sicking> how do you mean?
5. # [00:00] <Hixie> what is the problem you want to solve by not doing a string comparison? (the url parsing having happened, as with origin checking, before having a security context)
6. # [00:00] <sicking> the problem is in everywhere when there is a difference to url comparsing
7. # [00:00] <sicking> which are 3 things:
8. # [00:01] <sicking> 1. scheme in url is case insensitive
9. # [00:01] <sicking> 2. domain in url is case insensitive
10. # [00:01] <sicking> 3. explicit default port is same as no port
11. # [00:01] <Hixie> yes but the UA generates the string it is comparing to, so why does it matter? i mean, we could be generating hashes here too, why does it matter?
12. # [00:01] <sicking> why aren't we using hashes?
13. # [00:02] <sicking> or http.org.example.www(80)
14. # [00:02] <Hixie> so that the user can see what is being compared more easily
15. # [00:02] <sicking> user won't see this
16. # [00:02] <sicking> my mom never will
17. # [00:02] <Hixie> s/user/author/, sorry
18. # [00:03] <sicking> that author will also be generating the urls for ac-allow-origin
19. # [00:03] <Hixie> (i'm fine with using a new syntax too, it just seems gratuitous)
20. # [00:03] <sicking> exactly, and doing string comparison is using a new syntax
21. # [00:03] <sicking> because we no longer treat them as urls
22. # [00:04] <sicking> i say that if something looks like a url, we should treat it as such
23. # [00:04] <Hixie> and i'm saying that's a security nightmare waiting to happen
24. # [00:04] <sicking> can you name any problems with url parsing that would have been made worse by using it for AC?
25. # [00:05] <sicking> any problem with url parsing is already likely fatal
26. # [00:07] <gsnedders> Hixie: Oh, just to tell him those tests that I mentioned above are broken
27. # [00:09] * Joins: nessy (n=nessy@124-171-51-52.dyn.iinet.net.au)
28. # [00:10] <Hixie> sicking: no, not off-hand. But defense in depth isn't done by making sure we don't do something that could be vulnerable to an already-fixed problem, it's done by making the attack surface smaller.
29. # [00:10] <sicking> Hixie, it's a very gratuitous defense you are inventing
30. # [00:11] <sicking> Hixie, if you have no idea what you are protecting yourself from, how do we know what you are inventing is better
31. # [00:11] <Hixie> it's simpler
32. # [00:11] <sicking> Hixie, you are also adding risks by inventing new formats
33. # [00:11] <Hixie> simpler is better :-)
34. # [00:11] <Hixie> it's not a new format, it's a canonicalised URL
35. # [00:11] <sicking> simpler how? for who?
36. # [00:12] <Hixie> (s1 == s2) is simpler than (ParseURL(s1) == ParseURL(s2))
37. # [00:12] <sicking> simpler for who?
38. # [00:12] <Hixie> and it's simpler for authors and implementors. for authors because once they have found the string that works, it'll always work, and for implementors because, well, (s1 == s2) is simpler than (ParseURL(s1) == ParseURL(s2))
39. # [00:13] <sicking> it's not simpler for me, it's about the same number of lines of code (about 5 vs 8), it's not simpler for authors as they have a surprising inconsistency with all other urls in the product
40. # [00:13] <othermaciej> as an implementor I'd say neither is particularly harder or easier
41. # [00:14] <Hixie> seriously? doing a security audit of the url parsing is as simple as a security audit of just comparing two strings?
42. # [00:14] <Hixie> those must be some damn complicated string comparisong algorithms y'all are using
43. # [00:14] <Hixie> comparison
44. # [00:14] <sicking> the code is already audited in both cases
45. # [00:15] <sicking> Hixie, i don't have two strings, i have a string (the ac-allow-origin header) and a url (the requesting site)
46. # [00:15] <othermaciej> url parsing and comparison (and specifically of a url string converted to our SecurityOrigin class) is already audited
47. # [00:15] <othermaciej> and already heavily exposed
48. # [00:15] <Hixie> sicking: you have two strings, the string you sent the server, and the string it sent back
49. # [00:16] <othermaciej> I would be less nervous security-wise about a comparison of two SecurityOrigin objects than two Strings, but seems to me either could be sound
50. # [00:16] <sicking> Hixie, i don't have the string sent to the server saved. I could save it, but it'd add about the same number of lines of code that parsing to a url adds
51. # [00:17] <sicking> yeah, i think both these solutions are simple and both are secure. The difference is that one seems more surprising to authors
52. # [00:19] <othermaciej> sicking: what's an example of a case where the author would see different behavior between the two?
53. # [00:19] <sicking> othermaciej, HTTP://Example.Org:80 vs http://example.org contains all 3 differences that i can think of
54. # [00:20] <othermaciej> sicking: ok, but walk me through the scenario
55. # [00:20] <othermaciej> so let's say you loaded from a page of HTTP://Example.Org:80
56. # [00:20] <virtuelv> sicking: what about http://example.org./ vs http://example.org/
57. # [00:20] <Hixie> virtuelv: those are different
58. # [00:21] <sicking> virtuelv, what hixie said
59. # [00:21] <Hixie> my concern is with things like http:///example.com vs http://example.com, where on UA has a bug and treats it differently than other UAs
60. # [00:21] <sicking> othermaciej, well, the Origin header that the site is going to receive is always going to be on the "canonical" form (per spec)
61. # [00:22] <Hixie> or http:://, or http://foo.com:80@bar.com:81/ or whatever
62. # [00:23] <Hixie> seems like for something this important you shouldn't need to be a spec lawyer to be able to tell if the string is going to work or not
63. # [00:23] <sicking> othermaciej, in most cases the server is going to have some sort of list of origins they want to approve. For example some list like "*.company.com", "*.partner.com"
64. # [00:23] <sicking> othermaciej, and then match the Origin against that
65. # [00:23] * Quits: aroben (n=aroben@unaffiliated/aroben) (Read error: 104 (Connection reset by peer))
66. # [00:24] <sicking> othermaciej, and then send back a matching origin if one is found
67. # [00:24] <sicking> othermaciej, (they're basically forced to do this given how simple the syntax of the AC-Allow-Origin header is)
68. # [00:25] <sicking> othermaciej, so if they generate the send-back string with a uppercase Company.com because that's how they normally type the company url internally, they'll currently fail
69. # [00:25] <Hixie> but they'll _always_ fail, so it'll be trivial to catch
70. # [00:26] <Hixie> with url parsing, they might find it works in the UAs they test, but some syntax error means it fails in the rest
71. # [00:26] <Hixie> and they won't know until the deploy
72. # [00:26] <Hixie> they
73. # [00:26] <othermaciej> sicking: so if you can generate the
74. # [00:27] <othermaciej> "canonical" form to send it
75. # [00:27] <othermaciej> you can generate it for the comparison too
76. # [00:27] <othermaciej> I see the point for the send-back
77. # [00:27] <othermaciej> requires a canonicalization on the server side, possibly
78. # [00:28] <sicking> right
79. # [00:28] <sicking> Hixie, differences like that are already breaking things and needs to be fixed
80. # [00:29] <Hixie> not necessarily
81. # [00:29] <Hixie> but sure, any interop issues should be fixed
82. # [00:29] <Hixie> my point is just that this is too important to elevate all url parsing interop issues to that level
83. # [00:29] <sicking> i don't think this is any more important than any other place
84. # [00:30] <Hixie> it'd be like saying "well a lot of our houses are made of wood, and wood is quite flammable, so we have to fix that anyway, it's not a reason to not build the dam using wood"
85. # [00:30] <sicking> but this is just another house, this is no more important than anything else in the browser
86. # [00:30] <Hixie> ?!
87. # [00:31] <sicking> if two strings parsed into urls are considered same-origin in one UA but not in another we're already in the same trouble that would happen here
88. # [00:31] <Hixie> this controls the ability for any random site to transfer all my money out of my bank account
89. # [00:31] <othermaciej> I don't think URL canonicalization is risky
90. # [00:31] <Hixie> it's FAR more important than, say, whether i can type a URL safely in the address bar
91. # [00:31] <othermaciej> I think having different definitions of same-origin is more risky
92. # [00:31] <Hixie> i agree with maciej
93. # [00:31] <sicking> Hixie, so does the same-origin-url-comparison code that checks if cross-frame-scripting is allowed
94. # [00:32] <othermaciej> Hixie: the upshot of what I'm saying is that Access-Control defining same-origin differently is arguably bad
95. # [00:32] <Hixie> othermaciej: this isn't defining same-origin differently
96. # [00:32] <othermaciej> since other same-origin checks canonicalize
97. # [00:33] <Hixie> othermaciej: it's serialising the origin, and then comparing it to someone else's attempt at doing the same thing
98. # [00:33] <othermaciej> I guess you could see it that way
99. # [00:33] <Hixie> origin comparisons aren't url comparisons, they're the same thing as here, except without serialising the origin, just holding it as a tuple
100. # [00:33] <sicking> so for what it's worth, IE does have a different concept of what is same-origin than everyone else
101. # [00:34] <sicking> they don't consider ports to be part of the origin
102. # [00:34] <Hixie> (they could as easily be done by serialising, except for the unique ID case)
103. # [00:34] <Hixie> anyway
104. # [00:34] <sicking> apparently they do for same-site XHR starting with IE7, but nowhere else
105. # [00:34] <Hixie> i'm not the editor of the AC spec, so i'm not the one you have to convince :-)
106. # [00:35] * Quits: aaronlev_ (n=chatzill@e176244027.adsl.alicedsl.de) (Read error: 110 (Connection timed out))
107. # [00:36] <sicking> anne has said he'll follow what websockets do
108. # [00:36] <sicking> though technically speaking its not up to the editor but the group as a whole
109. # [00:36] <sicking> i'd just rather it not get to that of course
110. # [00:37] <Hixie> well technically it's up to Tim
111. # [00:37] <Hixie> but sure
112. # [00:37] <sicking> this is far too unimportant to raise to a vote even
113. # [00:37] <sicking> imho
114. # [00:37] <sicking> i just don't see any advantages to the current behavior
115. # [00:37] <Philip`> hsivonen: When using your HTML2XML, any spaces in attributes get turned into \x20\xEF\BF\xBD (or whatever that is in UTF-8), which seems kind of weird and undesired
116. # [00:38] <Hixie> sicking: so where do you stand on WebSocket-Location?
117. # [00:38] <sicking> Hixie, what is that?
118. # [00:39] <Hixie> should that be parsed and components recompared too?
119. # [00:39] <sicking> yeah, in general i think that when we compare url like things, we should compare them as urls
120. # [00:39] <Hixie> cripes that makes things a lot more complicated for websocket
121. # [00:40] <Hixie> so should relative URLs here be resolved ?
122. # [00:40] <sicking> i don't know anything about websockets
123. # [00:40] <Hixie> how should I handle IDN/punycode?
124. # [00:40] <sicking> i was just told they had something similar as Access-Control-Allow-Origin
125. # [00:41] <Hixie> another reason to not do URL comparison is that we might not always be dealing with URLs, e.g. if bz gets his way and we serialise the unique ID origins too
126. # [00:41] <sicking> so IDN is a good point actually
127. # [00:42] <Hixie> for WebSocket I really fear the mess that will occur if we start reparsing the output from the server
128. # [00:42] <Hixie> the whole point is that we want to make the handshake as hard as possible to fake
129. # [00:42] <sicking> i don't know if www.Å.com is the same as www.å.com
130. # [00:42] <sicking> (not sure if that comes out correct, should be uppercase a-ring vs lowercase a-ring)
131. # [00:43] <sicking> if the web in general consider those same-origin
132. # [00:43] <sicking> but string comparison wouldn't, that seems bad
133. # [00:43] <Hixie> string comparison compares the ASCII serialisation
134. # [00:43] <Hixie> so you would compare the punycode version
135. # [00:43] <Hixie> you can't send non-ASCII over HTTP
136. # [00:43] <Hixie> HTTP doesn't define an encoding beyond ASCII iirc
137. # [00:44] <sicking> are the punycode of the two the same?
138. # [00:47] <Hixie> no idea, but that's not our problem at that point
139. # [00:47] * Quits: smedero (n=smedero@mdp-nat251.mdp.com)
140. # [00:49] <sicking> well, it sort of is if string-comparison results in different behavior than url comparison
141. # [00:51] <Hixie> how can it result in different behaviour?
142. # [00:51] * sicking ponders
143. # [00:53] <sicking> so if the requesting page is www.å.com
144. # [00:54] <sicking> actually, looks like they produce the same punycode
145. # [00:58] * Quits: billmason (n=billmaso@ip75.unival.com) (".")
146. # [01:04] * Quits: dotjay (n=dotjay@nov5th.plus.com) ("/me ⏏")
147. # [01:16] * Joins: erlehmann (n=nils@dslb-088-074-215-046.pools.arcor-ip.net)
148. # [01:28] * Quits: shepazu (n=schepers@207.61.87.91)
149. # [01:31] <sicking> Hixie, so what are the features of websockets that you are concerned about changing?
150. # [01:32] <Hixie> the handshake
151. # [01:32] <Hixie> specifically the processing of websocket-origin and websocket-location
152. # [01:37] * Quits: dglazkov (n=dglazkov@nat/google/x-321d9ffa8a935a84)
153. # [01:52] * Joins: smerp (n=smerp@66.192.95.199)
154. # [01:54] * Quits: svl (n=me@ip565744a7.direct-adsl.nl) ("And back he spurred like a madman, shrieking a curse to the sky.")
155. # [02:03] * Joins: heycam` (n=cam@clm-laptop.infotech.monash.edu.au)
156. # [02:17] * Quits: nessy (n=nessy@124-171-51-52.dyn.iinet.net.au) ("This computer has gone to sleep")
157. # [02:25] * Quits: weinig (n=weinig@nat/apple/x-6ce5e52bc98a044c)
158. # [02:30] * Quits: erlehmann (n=nils@dslb-088-074-215-046.pools.arcor-ip.net) (Read error: 60 (Operation timed out))
159. # [02:35] * Joins: MikeSmith (n=MikeSmit@EM114-48-14-181.pool.e-mobile.ne.jp)
160. # [02:43] * Quits: Lachy (n=Lachlan@203-158-33-215.dyn.iinet.net.au) ("This computer has gone to sleep")
161. # [02:49] * Joins: deane (n=opera@121-72-195-126.dsl.telstraclear.net)
162. # [02:49] * Quits: wakaba (n=wakaba@30.165.210.220.dy.bbexcite.jp) (Read error: 104 (Connection reset by peer))
163. # [02:50] * Joins: wakaba (n=wakaba@30.165.210.220.dy.bbexcite.jp)
164. # [03:05] * Quits: tndH (n=Rob@james-baillie-pc083-137.student-halls.leeds.ac.uk) ("ChatZilla 0.9.83-rdmsoft [XULRunner 1.9.0.1/2008072406]")
165. # [03:07] * Quits: mal (n=mal@nat/google/x-61c8c15eaa5492f0) (Read error: 104 (Connection reset by peer))
166. # [03:11] * Quits: deane (n=opera@121-72-195-126.dsl.telstraclear.net) (Read error: 110 (Connection timed out))
167. # [03:12] * Joins: kingryan (n=ryan@24.5.77.167)
168. # [03:20] * Joins: nessy (n=nessy@203.37.47.194)
169. # [03:21] * Joins: othermaciej_ (n=mjs@nat/apple/x-f9bd20de7fbec06c)
170. # [03:27] * Parts: bdash (n=bdash@fire/developer/bdash)
171. # [03:28] * Quits: othermaciej (n=mjs@17.244.17.249) (Nick collision from services.)
172. # [03:28] * othermaciej_ is now known as othermaciej
173. # [03:50] * Joins: tantek (n=tantek@pool-71-105-211-125.lsanca.dsl-w.verizon.net)
174. # [04:04] * Quits: othermaciej (n=mjs@nat/apple/x-f9bd20de7fbec06c) (Read error: 110 (Connection timed out))
175. # [04:04] * Quits: nessy (n=nessy@203.37.47.194) (Read error: 110 (Connection timed out))
176. # [04:27] * Joins: dglazkov (n=dglazkov@72.14.224.1)
177. # [04:47] * Quits: virtuelv (n=virtuelv@163.80-202-65.nextgentel.com) (Read error: 113 (No route to host))
178. # [04:47] * Joins: virtuelv (n=virtuelv@163.80-202-65.nextgentel.com)
179. # [04:54] * Joins: nessy (n=nessy@124-171-51-52.dyn.iinet.net.au)
180. # [05:03] * Quits: hasather (n=hasather@90-231-107-133-no62.tbcn.telia.com) (Read error: 110 (Connection timed out))
181. # [05:08] * Joins: Thezilch (n=fuz007@cpe-76-171-111-7.socal.res.rr.com)
182. # [05:15] * Joins: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
183. # [05:16] * Joins: mal (n=mal@nat/google/x-83e3d8a6e2911459)
184. # [05:19] * Joins: BenMillard (n=cerbera@cpc1-flee1-0-0-cust285.glfd.cable.ntl.com)
185. # [05:21] <othermaciej> Hixie: are you about?
186. # [05:21] <Hixie> vaguely
187. # [05:23] <othermaciej> Hixie: there's a new (highres and otherwise improved) timer API being discussed on webkit-dev - should I propose it for HTML5 or as a standalone spec in Web Apps WG?
188. # [05:24] <Hixie> webapps
189. # [05:24] <Hixie> i have an editor lined up for it
190. # [05:24] <takkaria> wow
191. # [05:25] <othermaciej> I might even be able to edit or co-edit myself.
192. # [05:25] <othermaciej> it seems pretty simple
193. # [05:25] <othermaciej> only complexity is that it kind of conceptually ties into HTML5's event loop
194. # [05:26] <Hixie> afk, bbiab
195. # [05:27] <othermaciej> later
196. # [05:35] * Quits: dglazkov (n=dglazkov@72.14.224.1)
197. # [05:38] * Parts: BenMillard (n=cerbera@cpc1-flee1-0-0-cust285.glfd.cable.ntl.com)
198. # [06:05] * Quits: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net) (Remote closed the connection)
199. # [06:05] * Joins: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
200. # [06:25] * Joins: billyjackass (n=MikeSmit@EM114-48-133-39.pool.e-mobile.ne.jp)
201. # [06:26] * Joins: weinig (n=weinig@c-71-198-176-23.hsd1.ca.comcast.net)
202. # [06:40] * Quits: nessy (n=nessy@124-171-51-52.dyn.iinet.net.au) ("This computer has gone to sleep")
203. # [06:41] * Quits: MikeSmith (n=MikeSmit@EM114-48-14-181.pool.e-mobile.ne.jp) (Read error: 110 (Connection timed out))
204. # [06:43] <Hixie> http://www.w3.org/2001/tag/2008/09/23-minutes.html -- the tag appears to be so far removed from what we're trying to do here that our meeting at the tpac ought to be quite interesting
205. # [07:11] * Quits: gavin_ (n=gavin@firefox/developer/gavin) (Remote closed the connection)
206. # [07:11] * Joins: gavin_ (n=gavin@firefox/developer/gavin)
207. # [08:07] <othermaciej> Hixie: reading that belatedly... I see what you mean
208. # [08:09] * Quits: virtuelv (n=virtuelv@163.80-202-65.nextgentel.com) ("Leaving")
209. # [08:11] <othermaciej> how does one run for TAG?
210. # [08:11] <othermaciej> I wonder how much I would hate that
211. # [08:14] <Hixie> othermaciej: an AC rep has to nominate you and you have to be picked
212. # [08:15] <othermaciej> it was mentioned that there are "elected" members in those minutes
213. # [08:15] <Hixie> someone offered to nominate me once
214. # [08:15] <Hixie> i told them in no uncertain terms not to bother
215. # [08:15] <othermaciej> 5 selected by the AC
216. # [08:15] <othermaciej> er
217. # [08:16] <othermaciej> elected
218. # [08:16] <othermaciej> 3 nominated by director
219. # [08:16] <othermaciej> I'm wondering if having someone there with a real-world relationship to the web would help
220. # [08:16] <othermaciej> probably not worth it
221. # [08:17] <Hixie> you have to ask: what is the purpose of the tag
222. # [08:17] <Hixie> what effect can it have on the web
223. # [08:17] <othermaciej> "stewardship of the Web architecture"
224. # [08:17] <Hixie> o_O
225. # [08:17] <othermaciej> I guess participating in a group where my goal would be preventing damage rather than contributing something positive would be a waste of time
226. # [08:20] <othermaciej> reading the process document makes me wince
227. # [08:20] <Hixie> it's not clear to me that the TAG has ever caused harm, other than a few cases where people for some reason felt compelled to somehow change the tag's mind (usually fruitlessly, and later just ignoring them instead)
228. # [08:20] <othermaciej> so much silly process and bureaucracy, which is the ignored when inconvenient
229. # [08:23] * Quits: smerp (n=smerp@66.192.95.199)
230. # [08:23] <Hixie> (and then the harm was just wasting time)
231. # [08:25] <othermaciej> they rarely have managed to get up the energy to waste major amounts of time
232. # [08:26] * Joins: zcorpan (n=zcorpan@pat.se.opera.com)
233. # [08:27] * Quits: zcorpan (n=zcorpan@pat.se.opera.com) (Client Quit)
234. # [08:28] <hsivonen> are those TAG minutes meant to become public?
235. # [08:32] <othermaciej> I think so...
236. # [08:38] * Joins: peter-proc (n=retep@procurios.xs4all.nl)
237. # [08:42] * Quits: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
238. # [08:45] <Hixie> why would they not be?
239. # [08:53] * Joins: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
240. # [08:59] * Quits: aboodman (n=aboodman@nat/google/x-13aa30b537da0098) (Read error: 110 (Connection timed out))
241. # [09:15] * Joins: virtuelv (n=virtuelv@pat-tdc.opera.com)
242. # [09:16] * Joins: jruderman (n=jruderma@ip68-5-179-249.oc.oc.cox.net)
243. # [09:17] * Joins: Maurice (n=ano@a80-100-71-209.adsl.xs4all.nl)
244. # [09:17] * Joins: erlehmann (n=nils@dslb-088-074-192-194.pools.arcor-ip.net)
245. # [09:21] * Quits: heycam` (n=cam@clm-laptop.infotech.monash.edu.au) ("bye")
246. # [09:21] * Quits: kingryan (n=ryan@24.5.77.167)
247. # [09:30] * roc__ is now known as roc
248. # [09:30] <hsivonen> Hixie: they aren't public now. but I guess that's just a review period thing
249. # [09:31] * Quits: jruderman_ (n=jruderma@ip68-5-179-249.oc.oc.cox.net) (Read error: 110 (Connection timed out))
250. # [09:35] * Quits: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
251. # [09:36] <Hixie> i wish people would get over this secrecy nonsense
252. # [09:37] <hsivonen> the people who'd be most offended or advantaged by knowing the secret stuff that might get removed already have access...
253. # [09:37] <Hixie> i know
254. # [09:37] <Hixie> that's what boggles my mind
255. # [09:42] <hsivonen> Hixie: I see you didn't address my pending feedback about line breaks in input type=text. should I start sending comments on the form stuff or assume that there's still pending feedback for stuff that has been migrated to html5 spec?
256. # [09:42] <Hixie> i haven't replied to a single WF2 e-mail yet
257. # [09:42] <hsivonen> ok
258. # [09:42] <Hixie> i'd hold back if you have feedback that i haven't yet dealt with
259. # [09:42] <hsivonen> ok
260. # [09:43] <Hixie> i'm only about half-done on WF2 integration so far
261. # [09:43] <Hixie> it's proving at least as hard as i imagined it would
262. # [09:44] <Hixie> only one more type="" to do!
263. # [09:44] <Hixie> type=image
264. # [09:46] * Joins: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
265. # [09:48] <hsivonen> I'm glad to see that the CSS WG said no to versioning syntax: http://www.w3.org/mid/48E4132F.9060201@inkedblade.net
266. # [09:49] <Hixie> css is where i first realised the value of no versioning
267. # [09:59] * Joins: jruderman_ (n=jruderma@ip68-5-179-249.oc.oc.cox.net)
268. # [10:01] * weinig is now known as weinig|sleep
269. # [10:06] * Quits: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
270. # [10:12] * Joins: aaronlev_ (n=chatzill@e176244027.adsl.alicedsl.de)
271. # [10:12] * aaronlev_ is now known as aaronlev
272. # [10:14] <hsivonen> the specialness of lang&xml:lang continues to result in insane amounts of code... :-(
273. # [10:16] * Quits: jruderman (n=jruderma@ip68-5-179-249.oc.oc.cox.net) (Read error: 110 (Connection timed out))
274. # [10:16] * Quits: virtuelv (n=virtuelv@pat-tdc.opera.com) ("Leaving")
275. # [10:20] <Hixie> more code than prose?
276. # [10:20] * Joins: virtuelv (n=virtuelv@pat-tdc.opera.com)
277. # [10:20] <hsivonen> Hixie: more code
278. # [10:21] <hsivonen> Hixie: in the Java version of the parser, I want to have a non-browser sanity mode that magically turns lang on HTML elements to xml:lang in the infoset
279. # [10:22] <hsivonen> Hixie: but in the C++ version, I don't want to pay the memory footprint that the feature would take if latent
280. # [10:22] <hsivonen> (and in the Java version not paying for it as RAM footprint would make the code slower)
281. # [10:23] <hsivonen> on top of that, there are all sorts of checks on the validation layer
282. # [10:23] <gpy> morning laddies
283. # [10:23] <hsivonen> different ones for HTML and XHTML
284. # [10:23] <Hixie> sounds like a pain
285. # [10:23] <Hixie> i recommend not supporting xhtml. :-D
286. # [10:23] <Hixie> (only kidding)
287. # [10:24] <hsivonen> If I could go back in time, I'd ask the definers of XML get rid of the xml: stuff and to grandfather lang and id. (and zap xml:space)
288. # [10:24] <Hixie> you'd be ignored like everyone who _did_ ask them to doso
289. # [10:25] <hsivonen> at least I had the foresight to arrange my data structures so that I can just clip my arrays by one element when generating the C++ version
290. # [10:30] <hsivonen> I wonder what would break if we defined lang in HTML to become an attribute whose local name and qualified name are "lang" but the namespace is the XML namespace
291. # [10:31] <hsivonen> on HTML nodes, that is
292. # [10:31] <hsivonen> not on SVG and MathML nodes
293. # [10:31] * Joins: tndH (n=Rob@james-baillie-pc083-137.student-halls.leeds.ac.uk)
294. # [10:33] <Hixie> getAttribute('lang'), for one, if i understand you right
295. # [10:34] <Hixie> also you'd still have a syntax issue, except now lang="" in HTML would be equal to xml:lang="" in XML and lang="" in XML and xml:lang="" in HTML would both be null-namespace attributes with no semantics, leading to no end of extra confusion
296. # [10:34] <hsivonen> Hixie: why? it matches on qualified name, which would be "lang"
297. # [10:34] <Hixie> i thought it matches on name + namespace=null
298. # [10:34] <hsivonen> IIRC, no
299. # [10:34] <Hixie> so how are clashes resolved?
300. # [10:34] <Hixie> oh, qname
301. # [10:35] <Hixie> man that would be so confusing
302. # [10:35] <hsivonen> Hixie: however, it would break setAttribute("lang", 'en')
303. # [10:35] <hsivonen> unless setAttribute were made magic
304. # [10:35] <Hixie> i don't care about lang enough to do this
305. # [10:35] <Hixie> :-)
306. # [10:37] * Joins: jruderman (n=jruderma@ip68-5-179-249.oc.oc.cox.net)
307. # [10:37] <hsivonen> well, in general, namespaces result in an insane amount of code that doesn't do anything useful but has to be there for correctness and compat
308. # [10:37] <Hixie> yes
309. # [10:44] * Quits: virtuelv (n=virtuelv@pat-tdc.opera.com) ("Leaving")
310. # [10:45] * Joins: ROBOd (n=robod@89.122.216.38)
311. # [10:45] * Joins: virtuelv (n=virtuelv@pat-tdc.opera.com)
312. # [10:50] * Joins: Mustafa51 (n=mustafa@122.165.2.34)
313. # [10:52] * Joins: deane (n=opera@121-72-162-76.dsl.telstraclear.net)
314. # [10:52] * Parts: deane (n=opera@121-72-162-76.dsl.telstraclear.net)
315. # [10:53] * Quits: jruderman_ (n=jruderma@ip68-5-179-249.oc.oc.cox.net) (Read error: 110 (Connection timed out))
316. # [10:55] * Joins: deane (n=opera@121-72-162-76.dsl.telstraclear.net)
317. # [10:58] * Joins: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
318. # [11:06] * Quits: aaronlev (n=chatzill@e176244027.adsl.alicedsl.de) ("ChatZilla 0.9.83-rdmsoft [XULRunner 1.9.0.1/2008072406]")
319. # [11:17] * Quits: billyjackass (n=MikeSmit@EM114-48-133-39.pool.e-mobile.ne.jp) ("Less talk, more pimp walk.")
320. # [11:18] * Joins: maikmerten (n=maikmert@Lb9b8.l.pppool.de)
321. # [11:30] * Quits: deane (n=opera@121-72-162-76.dsl.telstraclear.net) (Read error: 110 (Connection timed out))
322. # [11:48] * Joins: webben (n=benh@nat/yahoo/x-56cdacec604ba76c)
323. # [12:01] * Joins: myakura (n=myakura@p1226-ipbf3201marunouchi.tokyo.ocn.ne.jp)
324. # [12:03] * Joins: aaronlev (n=chatzill@e176244027.adsl.alicedsl.de)
325. # [12:03] * Quits: Thezilch (n=fuz007@cpe-76-171-111-7.socal.res.rr.com) (Read error: 104 (Connection reset by peer))
326. # [12:07] * Quits: mpt (n=mpt@canonical/launchpad/mpt) (Read error: 60 (Operation timed out))
327. # [12:27] * Joins: mpt (n=mpt@canonical/launchpad/mpt)
328. # [12:37] <annevk2> why is multiple file upload missing? multiple file upload is crucial
329. # [12:48] * Joins: dotjay (n=dotjay@nov5th.plus.com)
330. # [12:52] * Quits: virtuelv (n=virtuelv@pat-tdc.opera.com) ("Leaving")
331. # [12:56] * Joins: virtuelv (n=virtuelv@213.236.208.247)
332. # [12:58] * Philip` now has a streaming HTML-to-XHTML web service, but it takes about 6.5 seconds to convert the 3MB HTML5 spec, which is better than html5lib but not great :-(
333. # [12:59] <Philip`> (It's CPU-bound now, and I can't think of any obvious ways to improve it that don't involve getting a faster CPU)
334. # [13:01] <annevk2> do you use Validator.nu?
335. # [13:01] <olliej> yoyo annevk2
336. # [13:01] <Philip`> I use its parser and serialiser
337. # [13:02] <annevk2> olliej, hey
338. # [13:02] * annevk2 should really go to work; woke up midday due to jetlag
339. # [13:05] <olliej> annevk2: wow, you need an excuse for that?
340. # [13:05] * olliej got to work at 2 today
341. # [13:06] <erlehmann> Philip`: HTML-to-XHTML ? why ?
342. # [13:06] <jgraham> erlehmann: Because takkaria is slow ;)
343. # [13:07] <jgraham> (or rather because html5lib is slow and the validator.nu parser doen't have a way of binding to python and takkaria doesn't have a stable hubbub release yet)
344. # [13:07] <erlehmann> ???
345. # [13:08] <jmb> jgraham: we're working on that (slowly)
346. # [13:08] <jgraham> Which means that parsing html in python is slow whereas parsing xml is fast
347. # [13:09] <jgraham> So html->xml using validator.nu followed by xml parsing in python might be faster than html5lib
348. # [13:10] <erlehmann> yay
349. # [13:10] <jgraham> jmb: I was being tounge in cheek abot blaming you :) Although I am very much looking forward to hubbub
350. # [13:10] <Philip`> erlehmann: What jgraham said :-)
351. # [13:10] <jmb> jgraham: aye
352. # [13:13] * Quits: webben (n=benh@nat/yahoo/x-56cdacec604ba76c)
353. # [13:14] * Quits: tndH (n=Rob@james-baillie-pc083-137.student-halls.leeds.ac.uk) (Read error: 110 (Connection timed out))
354. # [13:14] <annevk2> olliej, well, usually when I'm in Oslo I try to work 10-6 since I'm not here that often and most people work those hours
355. # [13:14] <olliej> annevk2: it's 4am and i'm still alive
356. # [13:14] <olliej> s/alive/at the office ;)
357. # [13:15] <annevk2> ouch
358. # [13:15] <annevk2> also, friday beer and general shutdown today is at 5PM
359. # [13:15] <olliej> annevk2: ah
360. # [13:15] <olliej> annevk2: i've just been trapped in MSVC hell
361. # [13:15] <annevk2> anyway, got to go
362. # [13:15] * Parts: annevk2 (n=annevk@85.196.122.246)
363. # [13:18] * olliej is now known as fakeolliej
364. # [13:19] * Quits: erlehmann (n=nils@dslb-088-074-192-194.pools.arcor-ip.net) (Remote closed the connection)
365. # [13:23] <hsivonen> Philip`: what was the problem with HTML2XML and escapes?
366. # [13:24] <hsivonen> whoa!
367. # [13:24] <hsivonen> that's a weird bug
368. # [13:29] <hsivonen> just a break statement missing
369. # [13:30] <hsivonen> I'm amazed the bug was there for so long without getting noticed
370. # [13:31] <hsivonen> Philip`: fixed in SVN
371. # [13:32] <hsivonen> Philip`: thanks
372. # [13:33] <hsivonen> well, it didn't render output ill-formed, so I guess an XML serializer can do something very bogus and still not get caught by an XML parser
373. # [13:33] <hsivonen> so now Philip` has found a bug in my XML serializer but still not a bug causing ill-formedness :-)
374. # [13:36] * Joins: annevk2 (n=annevk@pat-tdc.opera.com)
375. # [13:46] <annevk2> the spec even says "There must be no more than one file in the list of selected files." :/
376. # [13:46] * Quits: wakaba (n=wakaba@30.165.210.220.dy.bbexcite.jp) (Read error: 104 (Connection reset by peer))
377. # [13:46] * Joins: wakaba (n=wakaba@30.165.210.220.dy.bbexcite.jp)
378. # [13:52] <hsivonen> Philip`: javadocs about default policy also fixed in SVN. thanks
379. # [13:54] <annevk2> Hixie, fwiw, I agree with you on string comparison; also note that it's not exactly a same origin check as you need an additional check for the path component which sicking neglected to mention
380. # [13:55] <annevk2> maybe s/neglected/forgot/
381. # [13:56] <annevk2> (that is, making sure the path component is not specified at all so that Access-Control-Allow-Origin: http://example.com/ fails)
382. # [14:00] * Joins: webben (n=benh@nat/yahoo/x-dc44f76e832b83d4)
383. # [14:14] <Philip`> hsivonen: If your criteria is limited to ill-formedness bugs and doesn't count other bugs, then the implementation is trivial, since you could write "String serialize(Document doc) { return "<foo/>"; }" and it would never be ill-formed :-)
384. # [14:16] <Philip`> hsivonen: Is there an easy way I can compile a new htmlparser-....jar with the fixed code?
385. # [14:18] <hsivonen> Philip`: no. I'll build a new jar.
386. # [14:22] * Joins: sbublava (n=stephan@77.118.171.29)
387. # [14:26] * Joins: erlehmann (n=nils@dslb-088-074-192-194.pools.arcor-ip.net)
388. # [14:28] * Joins: Lachy (n=Lachlan@203-158-33-215.dyn.iinet.net.au)
389. # [14:41] <hsivonen> Philip`: new version released: http://about.validator.nu/htmlparser/
390. # [14:42] <hsivonen> (wow. now I've actually had to make a new release because of an XML serializer bug Philip` found...)
391. # [14:42] <annevk2> is there some way to instantiate Validator.nu and get a Python bound libxml tree as output?
392. # [14:44] <hsivonen> annevk2: locally, you can invoke java -cp htmlparser-1.1.1.jar nu.validator.htmlparser.tools.HTML2XML and pipe the input HTML to it, pipe the XML out and parse it with libxml in Python
393. # [14:45] <annevk2> it seems that DreamHost has JDK so it might be worth looking into that
394. # [14:45] <hsivonen> hopefully later you could use the C++ translator with a type mapper that maps to the Python C API types instead of NSPR/XPCOM types
395. # [14:45] <annevk2> for Anolis, that is
396. # [14:46] <hsivonen> annevk2: Didn't Philip` just make a network service that is equivalent to HTML2XML?
397. # [14:46] <hsivonen> (and that saves the JVM startup overhead)
398. # [14:47] <annevk2> it does involve downloading 3MB in case of HTML5
399. # [14:47] <annevk2> twice
400. # [14:47] <hsivonen> good point
401. # [14:47] <Philip`> hsivonen: Thanks!
402. # [14:47] <Philip`> annevk2: You really don't want to start up a new JVM each time you want to parse a document
403. # [14:47] <annevk2> though maybe Philip` is working on Anolis now in which case I don't have to :)
404. # [14:48] <hsivonen> you could also try compiling nu.validator.htmlparser.tools.HTML2XML with GCJ to avoid the JVM overhead
405. # [14:48] <Philip`> but you could run the web service thing (which is just a trivial wrapper around Jetty and the parser/serialiser) locally
406. # [14:49] <hsivonen> Philip`: on dreamhost, doing so requires dreamhost PS
407. # [14:49] <hsivonen> Philip`: not allowed on regular accounts
408. # [14:49] <Philip`> hsivonen: Oh, that could be a problem
409. # [14:49] <Philip`> annevk2: It's much less than 3MB if you compress it :-)
410. # [14:49] <Philip`> but then it'll get CPU-bound more easily
411. # [14:50] <annevk2> why would the JVM not be on by default btw?
412. # [14:50] <Philip`> Without compression, it takes about 6 seconds (on my very limited CPU) which is 500KB/s which isn't really much
413. # [14:51] <Philip`> so you shouldn't really need to worry about bandwidth usage
414. # [14:51] <hsivonen> annevk2: IIRC, Dreamhost default accounts allow you to run Java programs by default but you aren't allowed to leave the processes sitting in the RAM
415. # [14:52] <hsivonen> and leaving the process waiting is the whole point of avoiding the JVM startup overhead
416. # [14:52] <Philip`> (Hmm, 25% of the runtime is in sun.nio.cs.UTF_8$Encoder.encodeArrayLoop)
417. # [14:52] * Joins: virtuelv_ (n=virtuelv@pat-tdc.opera.com)
418. # [14:53] <hsivonen> Philip`: do you have ICU4J in classpath?
419. # [14:53] <annevk2> ok, Java support indeed there
420. # [14:53] <Philip`> There's the HotSpot overhead too, since it's really slow the first time you try to pass a document through the process
421. # [14:53] <Philip`> hsivonen: Hmm... No
422. # [14:53] * Joins: tndH (n=Rob@james-baillie-pc083-137.student-halls.leeds.ac.uk)
423. # [14:53] <annevk2> but I suppose I can use the service from Philip`
424. # [14:53] <hsivonen> Philip`: just wondering if the IBM UTF-8 impl is any faster
425. # [14:54] * Joins: hasather (n=hasather@90-231-107-133-no62.tbcn.telia.com)
426. # [14:54] * hsivonen wonders how many distributed moving parts the spec generation now has...
427. # [14:54] <annevk2> but is Validator.nu much faster than the libxml HTML parser? that's currently being used and already it's slow :/
428. # [14:55] <Philip`> hsivonen: It still says it's spending lots of time in sun.nio.cs.UTF_8$Encoder.encodeArrayLoop
429. # [14:55] * Parts: dotjay (n=dotjay@nov5th.plus.com)
430. # [14:55] <hsivonen> Philip`: ok. I guess it's not picking up the ICU4J code automatically :-(
431. # [14:55] <Philip`> I presume it is actually using ICU4J now, since it's got some calls to com.ibm.icu.charset.UConverterDataReader.readMBCSTable too
432. # [14:56] <hsivonen> Philip`: from the name, that looks like a static method that runs on initial class loading
433. # [14:56] <Philip`> hsivonen: Oh, okay
434. # [14:57] <hsivonen> annevk2: I haven't benchmarked the Validator.nu parser against libxml2
435. # [15:02] * Quits: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net) (Read error: 104 (Connection reset by peer))
436. # [15:03] * Joins: aroben (n=aroben@unaffiliated/aroben)
437. # [15:04] <Philip`> annevk2: On my computer, parsing/reserialising the spec with libxml2 (via a Python script) takes about 0.55 seconds and with validator.nu (via (local) HTTP) takes about 0.75 seconds
438. # [15:06] <annevk2> so it won't go faster
439. # [15:06] <annevk2> but since libxml2 html can't be used...
440. # [15:07] * Joins: smerp (n=smerp@66.192.95.199)
441. # [15:08] <Philip`> If the UTF-8 encoding took zero time then it'd be faster than libxml2 :-)
442. # [15:09] * Quits: virtuelv (n=virtuelv@213.236.208.247) (Read error: 113 (No route to host))
443. # [15:09] <annevk2> I should also figure out how to make Python run faster on DreamHost
444. # [15:21] <Philip`> hsivonen: http://about.validator.nu/htmlparser/ - "Fixed JavaDocs about XML violatation policy defaults." - s/violatation/violation/
445. # [15:22] <hsivonen> Philip`: thanks. fixed
446. # [15:23] * Joins: csarven (n=csarven@80.76.201.52)
447. # [15:30] * Quits: myakura (n=myakura@p1226-ipbf3201marunouchi.tokyo.ocn.ne.jp) ("Leaving...")
448. # [15:34] * Quits: Lachy (n=Lachlan@203-158-33-215.dyn.iinet.net.au) ("Leaving")
449. # [15:51] * Joins: maikmerten_ (n=maikmert@L8108.l.pppool.de)
450. # [15:55] * Quits: Mustafa51 (n=mustafa@122.165.2.34)
451. # [15:58] * Quits: sbublava (n=stephan@77.118.171.29)
452. # [16:11] * Quits: maikmerten (n=maikmert@Lb9b8.l.pppool.de) (Read error: 110 (Connection timed out))
453. # [16:16] * Joins: smedero (n=smedero@mdp-nat251.mdp.com)
454. # [16:32] * Joins: tantek_ (n=tantek@pool-71-105-211-125.lsanca.dsl-w.verizon.net)
455. # [16:32] * Quits: tantek (n=tantek@pool-71-105-211-125.lsanca.dsl-w.verizon.net) (Read error: 104 (Connection reset by peer))
456. # [16:40] * Joins: billmason (n=billmaso@ip75.unival.com)
457. # [16:42] * Joins: dglazkov (n=dglazkov@c-24-130-144-56.hsd1.ca.comcast.net)
458. # [16:42] * Joins: dglazkov_ (n=dglazkov@72.14.224.1)
459. # [16:45] * Quits: tndH (n=Rob@james-baillie-pc083-137.student-halls.leeds.ac.uk) ("ChatZilla 0.9.83-rdmsoft [XULRunner 1.9.0.1/2008072406]")
460. # [16:58] * Quits: dglazkov (n=dglazkov@c-24-130-144-56.hsd1.ca.comcast.net) (Read error: 110 (Connection timed out))
461. # [17:06] * Quits: dglazkov_ (n=dglazkov@72.14.224.1)
462. # [17:10] * Joins: aaronlev_ (n=chatzill@e176233241.adsl.alicedsl.de)
463. # [17:13] * Joins: tndH (n=Rob@james-baillie-pc083-137.student-halls.leeds.ac.uk)
464. # [17:18] * Quits: aaronlev (n=chatzill@e176244027.adsl.alicedsl.de) (Read error: 60 (Operation timed out))
465. # [17:23] * Quits: peter-proc (n=retep@procurios.xs4all.nl) (Read error: 104 (Connection reset by peer))
466. # [17:25] * Quits: Maurice (n=ano@a80-100-71-209.adsl.xs4all.nl) (Read error: 60 (Operation timed out))
467. # [17:26] <gsnedders> id=draft-recommendation-&mdash;-date:-01-jan-1901 — that really isn't nice.
468. # [17:26] * Joins: Maurice (n=ano@a80-100-71-209.adsl.xs4all.nl)
469. # [17:27] <annevk2> do IDs after dates?
470. # [17:28] <Philip`> Why does it need an id at all?
471. # [17:28] <gsnedders> Philip`: Currently all headers get ids
472. # [17:29] <gsnedders> annevk2: Then it changes every time the date changes
473. # [17:29] * Joins: dglazkov (n=dglazkov@nat/google/x-fc05fd8f8e6b83e9)
474. # [17:29] <Philip`> gsnedders: Why? It seems pointless if nothing is linking to it
475. # [17:29] * gsnedders can't remember
476. # [17:29] <gsnedders> There was a reason
477. # [17:30] <Philip`> and for the headings where you might actually want to externally link to, like the status and abstract, they already have explicit non-auto-generated id values in the source
478. # [17:30] <gsnedders> Yeah, that isn't changed.
479. # [17:32] * Quits: erlehmann (n=nils@dslb-088-074-192-194.pools.arcor-ip.net) (Remote closed the connection)
480. # [17:44] * Joins: svl (n=me@ip565744a7.direct-adsl.nl)
481. # [17:44] * Joins: aaronlev__ (n=chatzill@e176233241.adsl.alicedsl.de)
482. # [17:44] * aaronlev__ is now known as aaronlev
483. # [17:50] * Quits: Maurice (n=ano@a80-100-71-209.adsl.xs4all.nl) ("Disconnected...")
484. # [17:51] * Quits: smedero (n=smedero@mdp-nat251.mdp.com)
485. # [17:56] * Quits: aaronlev_ (n=chatzill@e176233241.adsl.alicedsl.de) (Read error: 110 (Connection timed out))
486. # [18:00] * Joins: erlehmann (n=nils@dslb-088-074-192-194.pools.arcor-ip.net)
487. # [18:03] * Joins: smedero (n=smedero@mdp-nat251.mdp.com)
488. # [18:10] <erlehmann> why does XHTML 5 not attempt to provide a replacement for the modularization scheme defined and used by XHTML 1.1 ?
489. # [18:11] <Philip`> erlehmann: Because the people developing XHTML 5 do not see any value in defining a modularisation scheme, as far as I'm aware
490. # [18:12] <Philip`> (No value to the web, in particular)
491. # [18:12] <erlehmann> Philip`: i used the modularisation to allow specific XHTML tags in comments.
492. # [18:12] <hsivonen> erlehmann: couldn't you have done that with a monolithic schema by deleting stuff from it?
493. # [18:13] <Philip`> erlehmann: Why does modularisation help, rather than just you writing a list of the elements and attributes you want to permit?
494. # [18:13] <erlehmann> yeah, but i'd have to write the DTDs myself ;)
495. # [18:13] <hsivonen> erlehmann: what happens when you and the XHTML2 WG disagree on the grouping of elements?
496. # [18:14] <erlehmann> hsivonen: they'll probably win
497. # [18:14] <hsivonen> erlehmann: have you ever wanted to allow one but disallow another element within one module (as defined by the XHTML 2 WG)?
498. # [18:14] <erlehmann> i'm no match for the internet alite
499. # [18:14] <erlehmann> no.
500. # [18:17] * Quits: virtuelv_ (n=virtuelv@pat-tdc.opera.com) ("Leaving")
501. # [18:19] * Quits: tndH (n=Rob@james-baillie-pc083-137.student-halls.leeds.ac.uk) ("ChatZilla 0.9.83-rdmsoft [XULRunner 1.9.0.1/2008072406]")
502. # [18:25] <gsnedders> BenMillard: 3:19.594, with a large mistake going into the Porsche Curves on RM/RM
503. # [18:29] * Quits: aaronlev (n=chatzill@e176233241.adsl.alicedsl.de) ("ChatZilla 0.9.83-rdmsoft [XULRunner 1.9.0.1/2008072406]")
504. # [18:39] * Quits: mpt (n=mpt@canonical/launchpad/mpt) ("Ex-Chat")
505. # [19:18] * Quits: weinig|sleep (n=weinig@c-71-198-176-23.hsd1.ca.comcast.net)
506. # [19:19] * Joins: Maurice (n=copyman@cc90688-a.emmen1.dr.home.nl)
507. # [19:22] <Philip`> Why does no normal web server with reverse proxying cope with streaming transfers? :-(
508. # [19:23] <Philip`> All I want it to do is redirect the request to another server, and redirect the response back, without buffering everything in the middle
509. # [19:24] <Philip`> (If I remember correctly, Apache and Lighttpd buffer the whole response, and Nginx also buffers the whole request)
510. # [19:24] * Joins: aboodman (n=aboodman@nat/google/x-e50912b7f93cc9b6)
511. # [19:28] * Quits: aboodman (n=aboodman@nat/google/x-e50912b7f93cc9b6) (Client Quit)
512. # [19:47] * Joins: tndH (n=Rob@james-baillie-pc083-137.student-halls.leeds.ac.uk)
513. # [19:48] * Quits: erlehmann (n=nils@dslb-088-074-192-194.pools.arcor-ip.net)
514. # [19:57] * Joins: aaronlev (n=chatzill@e176233241.adsl.alicedsl.de)
515. # [19:57] * Joins: erlehmann (n=nils@dslb-088-074-192-194.pools.arcor-ip.net)
516. # [19:59] * Joins: weinig (n=weinig@nat/apple/x-85571cd12e0e6794)
517. # [20:08] * Quits: webben (n=benh@nat/yahoo/x-dc44f76e832b83d4) (Connection timed out)
518. # [20:09] * Joins: BenMillard (n=cerbera@cpc1-flee1-0-0-cust285.glfd.cable.ntl.com)
519. # [20:42] * Quits: erlehmann (n=nils@dslb-088-074-192-194.pools.arcor-ip.net) (Remote closed the connection)
520. # [20:54] * weinig is now known as zeinig
521. # [20:54] * zeinig is now known as weinig
522. # [21:02] * weinig is now known as zeinig
523. # [21:06] * zeinig is now known as weinig
524. # [21:12] * weinig is now known as weinig|food
525. # [21:14] * Joins: erlehmann (n=nils@dslb-088-074-192-194.pools.arcor-ip.net)
526. # [21:28] <Philip`> Aha, Squid does reverse proxying properly
527. # [21:28] <Philip`> though it only supports HTTP 1.0
528. # [21:29] <Philip`> so if I use curl with default options then it gets an error message, because curl tries sending Expect: 100-continue which Squid doesn't like
529. # [21:30] <Philip`> HTTP is so nice
530. # [21:34] <Hixie> annevk2: i want to do multiple file uploads with something other than min/max
531. # [21:39] * Parts: BenMillard (n=cerbera@cpc1-flee1-0-0-cust285.glfd.cable.ntl.com)
532. # [21:43] * Joins: aboodman (n=aboodman@nat/google/x-9c8b3304068ec172)
533. # [21:43] * Joins: renke2 (n=user@Lfe59.l.pppool.de)
534. # [21:53] * Quits: renke2 (n=user@Lfe59.l.pppool.de) (Remote closed the connection)
535. # [21:55] <weinig|food> Hixie: what were you thinking about besides min/max?
536. # [21:55] * weinig|food is now known as weinig
537. # [21:55] * weinig is about to implement multiple file uploads
538. # [21:58] <Hixie> i dunno
539. # [21:58] <Hixie> count="" or something maybe
540. # [21:58] <Hixie> or multiple=""
541. # [21:59] <Hixie> like on <select>
542. # [22:01] * weinig nods
543. # [22:01] * weinig thinks min/max is awkward for it
544. # [22:01] <aboodman> i think multiple would be better than min/max fwiw
545. # [22:02] <Hixie> yeah it's totally overloading min max in a silly way
546. # [22:02] <Hixie> i like multiple
547. # [22:02] <Hixie> but i only just thought of it
548. # [22:02] <Hixie> i haven't really looked at this carefully
549. # [22:02] <aboodman> cprince brought this up a long time ago, but i forgot to ever mention it. sorry.
550. # [22:08] * Quits: aroben (n=aroben@unaffiliated/aroben) (Read error: 104 (Connection reset by peer))
551. # [22:11] * Quits: Amorphous (i=jan@unaffiliated/amorphous) (Read error: 110 (Connection timed out))
552. # [22:14] * Joins: Amorphous (i=jan@unaffiliated/amorphous)
553. # [22:22] <annevk2> hmm, I don't care strongly either way on the method I suppose, but it's needed
554. # [22:23] <annevk2> just having a simple boolean attribute might be enough
555. # [22:24] * Joins: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
556. # [22:26] * Quits: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net) (Read error: 54 (Connection reset by peer))
557. # [22:27] * Quits: aaronlev (n=chatzill@e176233241.adsl.alicedsl.de) (Read error: 110 (Connection timed out))
558. # [22:27] * Joins: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
559. # [22:27] * Quits: csarven (n=csarven@80.76.201.52) (Remote closed the connection)
560. # [22:28] * Joins: kangax (n=kangax@74.201.136.194)
561. # [22:32] <erlehmann> Hixie: wouldn't it be multiple="multiple" ?
562. # [22:32] <Hixie> it would be a boolean attribute called "multiple"
563. # [22:32] <Hixie> i just use ="" to mean "attribute"
564. # [22:32] <Hixie> anyway, afk, bbiab
565. # [22:32] <annevk2> also, boolean attributes in HTML5 are allowed to have the empty string as value
566. # [22:36] <erlehmann> empty means what exactly ? true or false ?
567. # [22:36] <erlehmann> also, a tagcloud is a nav element, amirite ?
568. # [22:37] <annevk2> if the attribute is present, true, false otherwise
569. # [22:39] * Quits: ROBOd (n=robod@89.122.216.38) ("http://www.robodesign.ro")
570. # [22:40] * Quits: maikmerten_ (n=maikmert@L8108.l.pppool.de) (Remote closed the connection)
571. # [22:40] * Quits: tndH (n=Rob@james-baillie-pc083-137.student-halls.leeds.ac.uk) (Read error: 110 (Connection timed out))
572. # [22:47] * Joins: KevinMarks (n=KevinMar@82-68-84-27.dsl.in-addr.zen.co.uk)
573. # [22:54] * Quits: hasather (n=hasather@90-231-107-133-no62.tbcn.telia.com) (Read error: 110 (Connection timed out))
574. # [22:58] * Joins: othermaciej_ (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net)
575. # [22:58] * Quits: othermaciej (n=mjs@c-67-170-213-205.hsd1.ca.comcast.net) (Read error: 104 (Connection reset by peer))
576. # [22:58] * weinig is now known as weinig|away
577. # [23:06] * Joins: csarven (n=csarven@modemcable144.140-202-24.mc.videotron.ca)
578. # [23:16] * Joins: virtuelv (n=virtuelv@163.80-202-65.nextgentel.com)
579. # [23:28] * Joins: BenMillard (i=cerbera@cpc1-flee1-0-0-cust285.glfd.cable.ntl.com)
580. # [23:38] * othermaciej_ is now known as othermaciej
581. # [23:41] <Hixie> tag clouds are a list
582. # [23:41] * Quits: aboodman (n=aboodman@nat/google/x-9c8b3304068ec172)
583. # [23:42] <Hixie> probably an unordered list with an attribute (e.g. data-freq="") giving the frequency (there's no semantic in html for marking up the frequency really)
584. # [23:45] <annevk2> nested <em>
585. # [23:46] <annevk2> glad to hear multiple files will be fixed
586. # [23:47] <annevk2> i'm ok with it not being max=n I think, it doesn't really matter that much
587. # [23:47] <annevk2> though we might have to support both for a couple of releases
588. # [23:59] * fakeolliej is now known as olliej
589. # Session Close: Sat Oct 04 00:00:00 2008

The end :)