/irc-logs / freenode / #whatwg / 2011-02-03 / end

Options:

# Session Start: Thu Feb 03 00:00:00 2011
# Session Ident: #whatwg
# [00:00] * Quits: kbrosnan (~kbrosnan@firefox/community/qa/kbrosnan) (Quit: leaving)
# [00:01] * Joins: kbrosnan (~kbrosnan@firefox/community/qa/kbrosnan)
# [00:06] * Quits: justinhjohnson (~Adium@67-131-94-2.dia.static.qwest.net) (Quit: Leaving.)
# [00:08] * Quits: mpt (~mpt@canonical/mpt) (Ping timeout: 245 seconds)
# [00:11] * Joins: homata (~homata@58x158x182x50.ap58.ftth.ucom.ne.jp)
# [00:13] <TabAtkins> Hixie: The intent of accept=image/*, etc is that browsers can let the user record an image with their webcam, right?
# [00:14] <TabAtkins> If so, could you add a note to that effect? It's not at all obvious that this is intended to be a hint to offer protected hardware access.
# [00:14] <TabAtkins> I can send an email if necessary.
# [00:15] * Joins: justinhjohnson (~Adium@67-131-94-2.dia.static.qwest.net)
# [00:15] <Hixie> e-mail would be good, i'm deep in script land
# [00:15] <TabAtkins> kk
# [00:16] <Hixie> trying to translate hsivonen's suggestion into something that's readable in the spec
# [00:16] * Quits: franksalim_ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net) (Read error: Connection reset by peer)
# [00:16] <Hixie> which is proving harder than i'd hoped, partly because the simplest way to avoid triple-negatives is to reverse the meaning of his flag
# [00:16] <Hixie> from force-async to honour-async
# [00:16] <Hixie> and revert all the logic accordingly
# [00:16] * Joins: franksalim_ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net)
# [00:16] <TabAtkins> You can't use a single negative?
# [00:17] <Hixie> they're not actually negatives
# [00:17] <Hixie> they're exceptions and stuff
# [00:18] <Hixie> either i have to have the flag be set to false then set to true in a whole bunch of complicated cases, or i can have the opposite flag default to false and have it set to true in a single case
# [00:18] * Quits: boaz (~boaz@64.119.153.2) (Quit: boaz)
# [00:19] <TabAtkins> Oh, if it's just a flag then reverse away.
# [00:19] <Hixie> hsivonen doesn't like it when i make editorial changes to his proposals
# [00:19] <TabAtkins> Too bad!
# [00:19] <Hixie> hrm, hsivonen's proposal makes document.write() work different than innerHTML
# [00:20] <Hixie> i wonder why he did that
# [00:20] * Quits: franksalim_ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net) (Read error: Connection reset by peer)
# [00:20] * Joins: franksalim_ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net)
# [00:21] * Quits: davidwalsh (~davidwals@75-135-74-55.dhcp.mdsn.wi.charter.com) (Quit: Reading http://davidwalsh.name)
# [00:21] <Hixie> hm, in fact his proposal states something that's false (that innerHTML doesn't set parser-inserted). odd.
# [00:21] * Joins: MikeSmith (~MikeSmith@2002:d106:7be0:1234:219:e3ff:fe08:8ad3)
# [00:22] * Quits: Xano (~bart@524BF837.cm-4-4d.dynamic.ziggo.nl) (Quit: Beer o'clock!)
# [00:22] * Joins: franksalim__ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net)
# [00:22] <Hixie> man, i really don't like this script.async crap
# [00:23] <Hixie> i hope the people who think the spec matches exactly what i want are watching
# [00:24] * Quits: mpilgrim (~pilgrim@rrcs-24-206-36-125.midsouth.biz.rr.com) (Ping timeout: 240 seconds)
# [00:25] <Dashiva> Hixie: In the interest of stating the obvious, even if they did they wouldn't admit it :P
# [00:25] * Quits: xtoph (~xtoph@213.47.185.206)
# [00:25] <Hixie> yeah, i know
# [00:26] * Quits: franksalim__ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net) (Read error: Connection reset by peer)
# [00:26] * Quits: franksalim_ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net) (Ping timeout: 272 seconds)
# [00:26] * Joins: franksalim (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net)
# [00:27] <Hixie> i guess it's kinda funny that nobody wants the spec to look like it is, but some people feel they somehow deserve to have the spec say what they want, and they therefore accuse me of having the spec say what I want
# [00:28] <Hixie> it's like they assume that because they don't have what they want, and because I'm the one denying them what they want, I must be getting what _I_ want.
# [00:29] <MikeSmith> http://en.wikipedia.org/wiki/Psychological_projection
# [00:30] <MikeSmith> esp. http://en.wikipedia.org/wiki/Psychological_projection#Counter-projection
# [00:30] <MikeSmith> "an obsession to continue and remain in a recurring trauma-causing situation and the compulsive obsession with the perceived perpetrator of the trauma or its projection"
# [00:31] * Quits: FireFly (~firefly@unaffiliated/firefly) (Quit: swatted to death)
# [00:31] * Quits: danbri (~danbri@ip176-48-210-87.adsl2.static.versatel.nl) (Remote host closed the connection)
# [00:33] * _bga is now known as bga_|away
# [00:34] * Quits: nessy (~Adium@74.125.56.18) (Remote host closed the connection)
# [00:36] * Quits: benschwarz (~ben@59.167.185.148) (Quit: benschwarz)
# [00:36] * Joins: nessy (~Adium@74.125.56.18)
# [00:36] * Joins: benschwarz (~ben@59.167.185.148)
# [00:38] <AryehGregor> Yay: https://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information
# [00:38] <AryehGregor> Is that known?
# [00:40] <Hixie> abarth: thanks (re mail)
# [00:40] <abarth> np
# [00:42] <TabAtkins> AryehGregor: It's known in that I knew about it on the 21st.
# [00:42] <Hixie> AryehGregor: interesting. Seems like an easier-to-fix problem than the cache attack
# [00:42] * Joins: ZombieLoffe (~e@unaffiliated/zombieloffe)
# [00:42] <Hixie> where you time how long it takes to download an image from a particular site
# [00:42] <Hixie> and if that time is low, you assume the user went there
# [00:42] <karlcow> AryehGregor: yeah I posted it a few days ago
# [00:43] <Hixie> i guess if we want to fix this we just make onerror/onload for images only fire same-origin
# [00:43] * Joins: KDN (~KDN@202.171.164.210)
# [00:45] * Joins: Lachy (~Lachlan@cm-84.215.59.50.getinternet.no)
# [00:47] <AryehGregor> I wonder how many sites that will break.
# [00:48] <TabAtkins> Hixie: Just make images only load same-origin.
# [00:49] <roc> hahaha
# [00:50] <roc> making onerror/onload only fire for same-origin images won't help here
# [00:50] <roc> at least not for the GMail case
# [00:50] <roc> you can inspect the size of the image to find out of it loaded or not
# [00:51] <AryehGregor> This is why we need a "no hotlinking" header.
# [00:51] <AryehGregor> What's the story on that? Anyone working on it?
# [00:51] <AryehGregor> I guess you could ask why not use Referer/Origin sniffing.
# [00:51] * Quits: pererik (~pe@unaffiliated/pererik) (Read error: Operation timed out)
# [00:52] <gsnedders> AryehGregor: could you not do something with CORS, and make it possible to have a default * mode?
# [00:52] <Hixie> roc: true
# [00:52] <roc> did you read the conversation about this yesterday? :-)
# [00:52] <AryehGregor> Didn't I participate?
# [00:52] <AryehGregor> (toward the end)
# [00:52] <roc> AryehGregor: not without annevk getting on your case :-)
# [00:52] * Hixie did not
# [00:52] <roc> er, that was for gsnedders
# [00:52] * Quits: ttepasse (~ttepasse@ip-109-90-161-169.unitymediagroup.de) (Read error: Connection reset by peer)
# [00:52] * Joins: pererik (~pe@unaffiliated/pererik)
# [00:52] <AryehGregor> In the end, is anyone working on either specs or implementations for such a feature, and if not, why not?
# [00:52] <gsnedders> roc: No :)
# [00:52] <AryehGregor> It sounds really simple.
# [00:53] * Quits: Frippe (~Frippe@238.218.216.81.static.hud.siw.siwnet.net) (Quit: Computer has gone to sleep)
# [00:53] * bga_|away is now known as bga_
# [00:53] <MikeSmith> gsnedders, jgraham, whoever else might be interested - http://www.wirfs-brock.com/allen/things/es5-technial-notes-and-resources
# [00:55] <roc> AryehGregor: Referer/Origin sniffing has two problems: a) it's harder to deploy (you need to read and process headers instead of just sending a static header), and b) making the decision in the browser means it works even if someone strips Origin headers in the network (which they might do for reasonable privacy reasons)
# [00:55] <AryehGregor> Right.
# [00:55] <AryehGregor> I'm all for a new header.
# [00:55] <AryehGregor> So is there some reason no one's working on it?
# [00:56] <roc> yes
# [00:56] <roc> we're all very very busy
# [00:56] <gsnedders> Busy? I missed a CSS WG telecon today because I was drinking.
# [00:56] <roc> ok, except for those Opera guys
# [00:56] <AryehGregor> Does anything important happen in CSS WG telecons, or are they like HTML WG telecons?
# [00:57] <TabAtkins> gsnedders: It wasn't useful today.
# [00:57] <gsnedders> AryehGregor: A fair number of decisions are made on them, so yes
# [00:57] <TabAtkins> AryehGregor: They're usually at least moderately useful. The past few months have been almost entirely about CSS2.1 testsuite issues, though.
# [00:57] * Quits: benschwarz (~ben@59.167.185.148) (Read error: Operation timed out)
# [00:57] <gsnedders> roc: Hey, I am a student 100% of the time, so I'm meant to behave like that. :P
# [00:58] <TabAtkins> Today was about a few 2.1 things, then we spent the rest of the time talking about Speech because the editor doesn't realize he can make decisions now and let people object later.
# [00:59] * Joins: benschwarz (~ben@59.167.185.148)
# [00:59] <othermaciej> AryehGregor: I might work on proposal for and/or WebKit implementation of an anti-hotlinking header
# [00:59] <AryehGregor> Yay.
# [01:00] <othermaciej> I only thought of it a few days ago, so haven't actually done anything on it yet
# [01:00] <TabAtkins> I still think an anti-hotlinking header is putting the complexity on the wrong case, but I'm okay with it because it's so simple and it can be used on general resources.
# [01:01] <AryehGregor> What's your preferred alternative?
# [01:01] <othermaciej> well, for defense against image hotlinking, it seems like the only plausible solution
# [01:01] <TabAtkins> @font-face always using SOP, then relaxing that with CORS.
# [01:01] <AryehGregor> It makes more sense to be same-origin by default, but that ship sailed about 18 years ago.
# [01:01] <othermaciej> and image hotlinking is the main in-the-wild case of bandwidth abuse
# [01:01] <TabAtkins> But that's not generalizable, shrug.
# [01:01] <AryehGregor> @font-face is likely to never be a major source of information leaks or bandwidth leeching compared to <img>.
# [01:02] <TabAtkins> Dude, fonts are huge.
# [01:02] <AryehGregor> They're unlikely to be hotlinked as much as images.
# [01:02] * Joins: ttepasse (~ttepasse@ip-109-90-161-169.unitymediagroup.de)
# [01:03] <othermaciej> Limit-Embedding-To-Origins could also serve as a clickjacking mitigation
# [01:03] <AryehGregor> Image: want amusing cat picture for forum post -> Google Image Search -> copy URL from navigation bar.
# [01:03] <TabAtkins> othermaciej: By preventing an <iframe>?
# [01:03] <othermaciej> yeah
# [01:04] <Philip`> If an anti-hotlinking header just blocks the image loading, it wouldn't satisfy the use case of sending disturbing images to hotlinkers
# [01:04] <Philip`> Maybe the header should give a URL of an alternative image to load
# [01:04] <TabAtkins> True, but that doable with roughly the same difficulty.
# [01:05] <othermaciej> but more flexibly than x-frame-options
# [01:05] <TabAtkins> It's just an easy redirect line in your .htaccess.
# [01:05] * Joins: franksalim_ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net)
# [01:05] * Quits: franksalim (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net) (Read error: Connection reset by peer)
# [01:06] * Joins: onar__ (~onar@17.246.54.134)
# [01:06] * Joins: jochen___ (~jochen@nat/google/x-ouomnpcnswymknvy)
# [01:07] * Quits: onar_ (~onar@17.216.38.14) (Read error: Operation timed out)
# [01:07] * Quits: franksalim_ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net) (Read error: Connection reset by peer)
# [01:08] * Joins: franksalim_ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net)
# [01:08] * Joins: sholmes (~sholmes@ip68-231-192-98.oc.oc.cox.net)
# [01:09] <sholmes> is there any new spec on javascript being closer tied to css?
# [01:09] * Quits: mhausenblas (~mhausenbl@wg1-nat.fwgal01.deri.ie) (Quit: mhausenblas)
# [01:09] <AryehGregor> What do you mean?
# [01:09] <TabAtkins> You mean the CSSOM improvements?
# [01:09] <sholmes> specs on javascript events for when a css property changes
# [01:09] <TabAtkins> No.
# [01:09] <sholmes> TabAtkins, I didn't know there was such a thing as CSSOM
# [01:09] * Quits: jochen__ (~jochen@nat/google/x-nuznupsimpwkodni) (Ping timeout: 240 seconds)
# [01:10] <roc> othermaciej: annevk suggested "From-Origin", which sounds a little better to me
# [01:10] * Quits: franksalim_ (~frank@99-123-6-19.lightspeed.sntcca.sbcglobal.net) (Client Quit)
# [01:10] <sholmes> It would be cool to be able to bind events to custom css properties
# [01:10] <roc> </bikeshed>
# [01:10] <TabAtkins> sholmes: The CSSOM is the interface that you use when you do, say, elem.style.width="50px"
# [01:10] <othermaciej> roc: that would sound a bit like it's a whitelist, not a blacklist
# [01:11] <roc> it is a whitelist
# [01:11] <othermaciej> Allow-Embedding-From-Origins: would sound like a whitelist, but might imply that in absence of the header default is none
# [01:11] <sholmes> TabAtkins, I see. Those are only inline styles though. How do you access CSS styling information on an element?
# [01:11] <othermaciej> er sorry, sounds like a blacklist
# [01:11] <sholmes> How do you access psuedo element styles?
# [01:11] <roc> Allow-Embedding-Origins?
# [01:11] <TabAtkins> sholmes: getComputedStyle
# [01:11] * Joins: jochen__ (~jochen@nat/google/x-sdvqboabjktcudcf)
# [01:11] <TabAtkins> (Which is also part of the CSSOM.)
# [01:11] <roc> or maybe just Allow-Embedding
# [01:12] <roc> or Embedders
# [01:12] * Quits: jochen___ (~jochen@nat/google/x-ouomnpcnswymknvy) (Ping timeout: 245 seconds)
# [01:12] <sholmes> TabAtkins, and what about the psuedo elements?
# [01:13] <AryehGregor> Restrict-Embedding:
# [01:13] <AryehGregor> Restrict-Embedding-To:, Restrict-Embedding-To-Origins:
# [01:13] <AryehGregor> Take your pick.
# [01:13] <TabAtkins> sholmes: That's part of the getComputedStyle function - you can specify that you want a pseudoelement off of the element instead.
# [01:13] <TabAtkins> sholmes: https://developer.mozilla.org/en/DOM:window.getComputedStyle
# [01:14] <sholmes> TabAtkins, this goes for psuedo classes too?
# [01:14] <TabAtkins> pseudoclasses arent' things that can have properties.
# [01:14] <TabAtkins> They're properties of elements.
# [01:14] <TabAtkins> (Just like classes.)
# [01:17] <sholmes> so you'd have to somehow get the element that has the psuedo class?
# [01:17] <TabAtkins> sholmes: Yes?
# [01:18] <TabAtkins> Look at the link I just provided. That explains how the function works.
# [01:18] <sholmes> I did
# [01:19] <othermaciej> AryehGregor: I like the brevity of Restrict-Embedding
# [01:19] <sholmes> it says you can use a string to select a psuedo element
# [01:19] <AryehGregor> Me too.
# [01:19] <TabAtkins> I might like the brevity of Embedders even more.
# [01:20] <AryehGregor> I don't.
# [01:20] <AryehGregor> It's much less obvious what it means.
# [01:20] <AryehGregor> It makes it sound like a list of things that do embed the file, not that can embed the file.
# [01:21] <sholmes> I don't think IE < 9 supports getComputedStyles
# [01:21] <AryehGregor> getComputedStyle, not getComputedStyles.
# [01:21] <AryehGregor> Although probably it doesn't.
# [01:21] <TabAtkins> They might support it on document.defaultView?
# [01:22] <sholmes> AryehGregor, yeah it was a typo
# [01:22] <TabAtkins> That's where it used to be defined, before everyone realized that was stupid and put it on window instead.
# [01:22] <AryehGregor> Googling suggests IE has a currentStyle property.
# [01:22] <sholmes> I think they use currentStyle
# [01:22] <sholmes> but I don't know if that has a psuedo element argument
# [01:23] <AryehGregor> Does IE < 9 support ::before or ::after anyway?
# [01:23] * Quits: ttepasse (~ttepasse@ip-109-90-161-169.unitymediagroup.de) (Ping timeout: 250 seconds)
# [01:23] <TabAtkins> Yes.
# [01:23] <Rik`> AryehGregor: I think IE > 6 supports that
# [01:23] <TabAtkins> Only the older single-colon version.
# [01:23] <AryehGregor> I thought it didn't support generated content until very recently.
# [01:23] <TabAtkins> Nope, it's done :before and :after for some time.
# [01:23] <gsnedders> IE7
# [01:24] <AryehGregor> Oh.
# [01:24] <AryehGregor> I'm getting mixed up with something else, then.
# [01:24] * Joins: tw2113 (~tw2113@fedora/tw2113)
# [01:24] <Rik`> hmm no, IE8
# [01:24] <Rik`> http://msdn.microsoft.com/en-us/library/cc351024%28v=vs.85%29.aspx
# [01:25] <Rik`> http://msdn.microsoft.com/en-us/library/cc351024%28v=vs.85%29.aspx#pseudoelements
# [01:25] <sholmes> :before and :after is what older versions support I think
# [01:25] * Joins: boogyman (~boogy@unaffiliated/boogyman)
# [01:30] * Joins: wakaba_0 (~wakaba_@122x221x184x68.ap122.ftth.ucom.ne.jp)
# [01:31] * Quits: onar__ (~onar@17.246.54.134) (Quit: onar__)
# [01:31] * Joins: ttepasse (~ttepasse@ip-109-90-161-169.unitymediagroup.de)
# [01:34] * Joins: wakaba_1 (~wakaba_@122x221x184x68.ap122.ftth.ucom.ne.jp)
# [01:35] * Quits: wakaba_0 (~wakaba_@122x221x184x68.ap122.ftth.ucom.ne.jp) (Ping timeout: 255 seconds)
# [01:39] <sholmes> what's the standard on styling placeholders?
# [01:43] <AryehGregor> There is none yet.
# [01:46] <sholmes> AryehGregor, oh. Well I like ::placeholder
# [01:47] <boogyman> sholmes: i'd equate it more similar to an attribute then a pseudo selector
# [01:47] <sholmes> But attributes don't have elements.
# [01:48] * Joins: mattmay (4bc46b86@gateway/web/freenode/ip.75.196.107.134)
# [01:48] <boogyman> attributes have values
# [01:48] <sholmes> I like the idea of having the implementation provide "hidden" psuedo elements which you can select. Then there's psuedo classes, which completely different.
# [01:48] <sholmes> boogyman: values don't have styling
# [01:48] <sholmes> only elements do, at least I argue.
# [01:49] * Joins: weinig (~weinig@2620:0:1b00:1191:223:32ff:feaf:7f36)
# [01:49] * dglazkov is now known as dglazkov|away
# [01:49] <mattmay> Anybody here want to answer a few intellectual property questions?
# [01:50] * Quits: sicking (~chatzilla@nat/mozilla/x-zcdojkrzfxmutiyt) (Ping timeout: 250 seconds)
# [01:51] <boogyman> mattmay: you might want to consult a lawyer, however, in absence of one, ask the question and i'm sure someone will provide his/her biased opinion
# [01:51] <mattmay> Well, the ones I have should probably be answerable here.
# [01:52] <sholmes> mattmay: does this have to do with pornography?
# [01:52] <mattmay> From what I've been able to find, WHATWG has no patent policy. Is that still correct?
# [01:52] <mattmay> sholmes: ha! no.
# [01:53] <gsnedders> mattmay: That is correct.
# [01:53] <mattmay> Is there any interest/effort in that ever changing?
# [01:53] <sholmes> mattmay: are you sure? Because the wikipedia article uses the word pornagraphic more than once.
# [01:54] * Joins: nattokirai (~nattokira@rtr.mozilla.or.jp)
# [01:55] <AryehGregor> I feel like I ask this question in some form like every three weeks, but: where's a database of web pages that I can search through to find things like innerText usage patterns?
# [01:55] <AryehGregor> mattmay, the WHATWG does not formally exist. It has no members or anything. It's not obvious what form a patent policy would take. The W3C gets people to agree to its patent policy by having this whole system of membership and making it hard to contribute to its specs unless you join, but that's not how the WHATWG works.
# [01:56] <AryehGregor> We'd have to not let people participate if their employer didn't agree to the patent policy or objectionable things like that.
# [01:57] <sholmes> AryehGregor, you mean answer this question?
# [01:57] <AryehGregor> For now, most of the WHATWG stuff is mirrored at the W3C and the rest will probably be mirrored there eventually, so we're not too bad on patents as it stands.
# [01:57] <Hixie> AryehGregor: if you want i can do a search for you, if there's somethin specific you're looking for
# [01:57] <mattmay> Yes, but you do have three browser engines and four companies participating. Is there even an agreement among them?
# [01:57] <Hixie> companies don't participate in the whatwg, individuals do
# [01:57] <AryehGregor> Hixie, I just want a large sample of pages that use it so I can see how people use it. Philip` has some database he uses for stuff like this.
# [01:57] <Hixie> AryehGregor: not sure where Philip`'s is. If you just want me to search for pages with "innerText" in them I can do that.
# [01:57] <AryehGregor> mattmay, the WHATWG is not a corporation or anything. It's hosted on Hixie's VPS and has no formal status at all.
# [01:58] <AryehGregor> Hixie, that would be useful for now, thanks.
# [01:58] * Quits: ap (~ap@17.246.16.136) (Read error: Connection reset by peer)
# [01:58] * Joins: ap (~ap@17.203.15.167)
# [01:58] <mattmay> Hixie: Yes, but don't many of those individuals have employment contracts with organizations that includes the assignment of IPR?
# [02:00] <Hixie> you'd have to ask them
# [02:00] <Hixie> AryehGregor: um. how many of these do you want? :-)
# [02:01] <TabAtkins> A couple hundred thousand should work, I'd think.
# [02:02] * Joins: justinhjohnson1 (~Adium@67-131-94-2.dia.static.qwest.net)
# [02:02] * Quits: justinhjohnson (~Adium@67-131-94-2.dia.static.qwest.net) (Read error: Connection reset by peer)
# [02:02] <mattmay> Hixie: Well, if they do (that is, if their contracts are anything like mine), doesn't that give you pause? Ostensibly, you're building something that somebody's employer could put a claim on later.
# [02:03] <Philip`> AryehGregor: http://www.dotnetdotcom.org/ ?
# [02:03] <Hixie> mattmay: the patent system in general gives me grave concerns
# [02:04] <mattmay> Okay, so we do agree on something. :D
# [02:04] * Quits: ZombieLoffe (~e@unaffiliated/zombieloffe)
# [02:04] <Hixie> is there an easy way on mac os to pipe the clipboard to a shell script?
# [02:04] <jamesr_> man pbpaste
# [02:05] <Hixie> sweet
# [02:05] <jamesr_> pbpaste | say
# [02:05] <jamesr_> always fun to run every now and then
# [02:05] <TabAtkins> Heh.
# [02:05] <mattmay> But being concerned is one thing. Actively protecting against bad things happening is another.
# [02:06] * Joins: agektmr (~Adium@2401:fa00:4:1012:fa1e:dfff:fee6:d74e)
# [02:08] * Joins: sicking (~chatzilla@nat/mozilla/x-tnuomemoidmdphms)
# [02:09] <Hixie> AryehGregor: http://damowmow.com/temp/innerText.urls
# [02:09] <Hixie> AryehGregor: i limited it to one url per hostname
# [02:10] <AryehGregor> Great, thanks.
# [02:10] * Quits: mattmay (4bc46b86@gateway/web/freenode/ip.75.196.107.134) (Ping timeout: 240 seconds)
# [02:10] <Hixie> AryehGregor: this is very much a biased sample, it's not a good random distribution or anything
# [02:10] <Hixie> AryehGregor: but hopefully it's enough
# [02:10] <Hixie> gotta go
# [02:11] <TabAtkins> Heh, this is pretty cool: http://2011.beercamp.com/ (scroll it all the way to the end)
# [02:12] <jamesr_> i wish the back button worked
# [02:12] <jamesr_> pretty cute
# [02:13] <jamesr_> i guess they're just eating onscroll?
# [02:13] <TabAtkins> Just click on the top, no need for a back button. (And have speakers on.)
# [02:13] <TabAtkins> Yeah, I assume, since it responds correctly to all forms of scrolling.
# [02:13] * AryehGregor used page down, and got confused
# [02:14] <TabAtkins> But yeah, they should be watching the zoom level and altering the hash accordingly.
# [02:14] <TabAtkins> They already watch so they can highlight the right entry in the floating menu.
# [02:16] * Joins: mattmay (4bc46b86@gateway/web/freenode/ip.75.196.107.134)
# [02:16] <mattmay> So, nothing? No plans to make sure WHATWG output is reasonably protected from patent nastiness?
# [02:17] <jamesr_> mattmay: if you have a proposal submit it to the mailing list
# [02:17] <TabAtkins> Hixie: Any particular reason you tried to redefine content:none to just make pseudos empty, rather than preventing them from being created?
# [02:19] <TabAtkins> Hixie: For now I'm ignoring css3-content and just having ::marker compute to 'content:none' when appropriate.
# [02:20] <mattmay> jamesr_: I had to see if the problem I saw actually existed, before proposing to fix it. Still not convinced people see a problem, though.
# [02:20] <jamesr_> mattmay: well you aren't being terribly convincing here
# [02:21] <TabAtkins> In the absence of anyone actually trying to patent-troll the WHATWG is its 6+ years of existence, it doesn't seem urgent to protect it against patent-trolling.
# [02:21] <mattmay> jamesr_: I wouldn't know where to start.
# [02:22] <mattmay> TabAtkins: That's like saying if your house isn't on fire, there's really no need to buy insurance.
# [02:22] * bga_ is now known as bga_|away
# [02:22] <jamesr_> mattmay: sounds like maybe you should figure out where to start before trying to present your case
# [02:22] <AryehGregor> mattmay, all significant work at the WHATWG is eventually copied over to the W3C, which has a patent policy. What could the WHATWG do to improve the situation over that?
# [02:22] * bga_|away is now known as bga_
# [02:23] <mattmay> Well, it's not going to be one line at a time. I think the first attempt is going to be tl;dr length, and we'l take it from there.
# [02:23] <AryehGregor> (not that the W3C patent policy gives any protection from patent trolls or other non-members)
# [02:23] <jamesr_> that's why i said email
# [02:23] <mattmay> AryehGregor: Well, at least they have a process for rallying the members when patent trolls appear.
# [02:24] <jamesr_> or maybe another channel so people can have useful discussions on this channel
# [02:24] <TabAtkins> mattmay: Similar, sure. But patent trolls don't happen by accident. The WHATWG has been defining a major piece of internet technology for years now.
# [02:24] <AryehGregor> I love web authors: s.setBaseAndExtent(e, 0, e, e.innerText.length - 1);
# [02:24] <AryehGregor> jamesr_, since when does anyone have useful discussions on this channel?
# [02:24] <mattmay> What I'm mostly concerned about is work that happens outside of W3C, which gets implemented by devs, and is unprotected until it gets rolled into a W3C draft.
# [02:24] <AryehGregor> mattmay, what process do they have for rallying the members when patent trolls appear?
# [02:24] <jamesr_> AryehGregor: touche
# [02:25] <mattmay> Which is going to be a longer and longer period of exposure now that things aren't actively getting added to HTML5.
# [02:25] <AryehGregor> mattmay, work is unprotected until it gets to a W3C Recommendation, if I remember correctly. So we're talking a lag of years here anyway.
# [02:25] <AryehGregor> When HTML5 gets frozen, we can start working on HTML6 in parallel in the W3C.
# [02:25] <TabAtkins> AryehGregor: That call won't do anything like what they intend, will it?
# [02:25] <AryehGregor> CSS 2.1 has been frozen for years, but we're working on CSS 3 too.
# [02:25] <AryehGregor> TabAtkins, nope. Not even close.
# [02:25] <mattmay> AryehGregor: AFAIK, it's protected from FPWD status.
# [02:26] <mattmay> As far as protection goes, they have the Patent Advisory Groups, which get formed to see if a claim is valid, see if it can be routed around, see who has prior art, etc.
# [02:27] <AryehGregor> When it comes to post-facto stuff, the W3C can be used for that when it happens.
# [02:27] <mattmay> Well, not if it's not in a W3C spec.
# [02:28] <AryehGregor> It can be added to one quickly. :)
# [02:28] <AryehGregor> It seems like there are licensing requirements for WDs, you're right.
# [02:28] <AryehGregor> Not clear on exactly what they are.
# [02:28] <othermaciej> FPWD doesn't actually give anyone a patent license
# [02:29] <AryehGregor> I find the Patent Policy hard to read.
# [02:29] <othermaciej> FPWD is just an exclusion opportunity
# [02:29] <othermaciej> technically, licensing non-excluded patent claims is not required until REC
# [02:29] * Joins: boaz (~boaz@c-24-128-79-120.hsd1.ma.comcast.net)
# [02:29] <othermaciej> though FPWD (and later LC) at least gives you some notice
# [02:29] <mattmay> It's an opportunity to ask the question before a bunch of implementers have to roll back running code.
# [02:29] <AryehGregor> That's what I thought.
# [02:29] <AryehGregor> Anyway, there's not much in the WHATWG that's not in the W3C.
# [02:29] * Quits: sicking (~chatzilla@nat/mozilla/x-tnuomemoidmdphms) (Ping timeout: 255 seconds)
# [02:30] <othermaciej> anyhow, once HTML WG recharters, I expect our charter will include scope for HTML 5.1 / HTML6 / whatever
# [02:30] <mattmay> Right, but like I said, there's going to be a backlog hanging out there.
# [02:30] <othermaciej> in parallel with taking HTML5 the rest of the way to REC
# [02:30] <mattmay> And it's going to be the stuff the cool kids are going to dig into.
# [02:31] <jamesr_> what's the ETA for HTML5 to REC in w3c land? 2025ish?
# [02:31] <AryehGregor> 2022 last I heard.
# [02:33] <AryehGregor> The unescapeHTML function here is vaguely fascinating. I wonder what it's used for: http://api.opencast.naver.com/CS888/23
# [02:34] <mattmay> I'm skimming, but it looks like most of what W3C does is enforced within 60 days after LC.
# [02:34] * Quits: boogyman (~boogy@unaffiliated/boogyman) (Quit: ChatZilla 0.9.86 [Firefox 3.6.13/20101203075014])
# [02:34] <othermaciej> depends on what you mean by "E"
# [02:34] * Joins: sicking (~chatzilla@nat/mozilla/x-cgupylukacxmytkn)
# [02:36] <tw2113> it's just a number
# [02:37] <jamesr_> "E". it's just a number
# [02:37] <mattmay> Well, thanks for the info, everybody.
# [02:37] * Joins: homata__ (~homata@58x158x182x50.ap58.ftth.ucom.ne.jp)
# [02:37] * Quits: mattmay (4bc46b86@gateway/web/freenode/ip.75.196.107.134) (Quit: Page closed)
# [02:38] <TabAtkins> Ah, I love clear specs that answer my questions simply.
# [02:38] <TabAtkins> (In this case, how to serialize the string ".". The answer, unsurprisingly, is ".")
# [02:40] * Quits: homata (~homata@58x158x182x50.ap58.ftth.ucom.ne.jp) (Ping timeout: 255 seconds)
# [02:41] <othermaciej> the HTML WG charter estimates 2010 Q3 for REC
# [02:41] <othermaciej> I don't think that was a very realistic estimate
# [02:42] <AryehGregor> No, I have to grant it doesn't seem very realistic.
# [02:42] <AryehGregor> Hixie estimated LC would be sometime in 2011, right?
# [02:43] <jamesr_> according to the tech press we already have at least 2 implementations of HTML5
# [02:43] <AryehGregor> TabAtkins, what spec?
# [02:43] * Quits: sicking (~chatzilla@nat/mozilla/x-cgupylukacxmytkn) (Remote host closed the connection)
# [02:43] <TabAtkins> AryehGregor: CSSOM
# [02:43] <AryehGregor> Ah.
# [02:44] <AryehGregor> The overwhelming majority of innerText uses could just be replaced by textContent. Either they're assignment only, or dealing with nodes that only have short text node children.
# [02:44] <TabAtkins> I was fixing an example in Lists that was written by Hixie, where he'd given the computed value of something as containing "\002E". By current CSSOM, though, that's not the natural answer.
# [02:47] <AryehGregor> I see multiple sites using createRange()+selectNodeContents()+toString() as an innerText replacement. I wonder why, since it's equivalent to textContent. Is textContent recent?
# [02:47] <AryehGregor> Or is this just gratuitous cargo-culting?
# [02:47] <TabAtkins> Sounds like cargo-culting.
# [02:47] * Quits: smaug____ (~chatzilla@dsl-hkibrasgw4-fe45dc00-171.dhcp.inet.fi) (Ping timeout: 240 seconds)
# [02:48] <TabAtkins> I just realized how odd of a word "unbeknownst" is. It confuses me just to type it, though I know instinctively how to spell it.
# [02:48] <TabAtkins> Too much archaicness in it.
# [02:49] * Quits: ap (~ap@17.203.15.167) (Quit: ap)
# [02:49] <AryehGregor> Here's a case where someone's actually using the plaintextification properties of innerText, I think: view-source:http://albanolaziale.blogolandia.it/2008/06/13/la-scuola-di-pavona-campione-nazionale-di-teatro/
# [02:50] <AryehGregor> (that view-source: bit is pretty annoying, Chrome should drop that when you copy the URL IMO)
# [02:50] <jamesr_> also kinda makes you sound like a ponce when you say it
# [02:51] <AryehGregor> Possibly this one too: http://ask.chinese.cn/findAndReplyQuestionAction.action?problemId=377
# [02:52] <AryehGregor> But they don't seem to be relying on the details at all, they use textContent as a substitute.
# [02:52] <TabAtkins> Agreed on the first.
# [02:52] <TabAtkins> So what you're saying is, so far it looks like you can just spec it as "be like textContent" and you'd be okay?
# [02:53] <AryehGregor> No, there are a couple of cases I've found where it looks like that would degrade website behavior.
# [02:53] <AryehGregor> It would be mostly fine, yes.
# [02:53] <AryehGregor> Opera more or less does that.
# [02:54] <AryehGregor> But it wouldn't allow any way to get a plaintext representation of HTML except selecting it, which is kind of unreasonable.
# [02:54] <TabAtkins> If the choice is "degrade a few websites" or "spec something complicated that no one wants to implement"...
# [02:54] <AryehGregor> WebKit apparently doesn't want to make its innerText work like textContent.
# [02:54] <AryehGregor> I'd be okay with that, reportedly so would Opera, and Mozilla certainly would.
# [02:55] <AryehGregor> But anyway, you still have to spec Selection.toString(), which should be the same spec anyway.
# [02:55] <AryehGregor> And largely the same implementation.
# [02:56] * Quits: dbaron (~dbaron@nat/mozilla/x-ffuqxjvxmwbpvphm) (Quit: 8403864 bytes have been tenured, next gc will be global.)
# [03:04] <TabAtkins> Hrm. I wish I could go back in time and implement Positioned Layout before someone wrote list-style-position, as its values can be implemented in terms of that. Darn.
# [03:04] <TabAtkins> Now I have to figure out how to talk about this in a way that will work correctly with ::marker being positionable.
# [03:05] <TabAtkins> I think I can just punt by saying list-style-position only applies if the ::marker is an in-flow inline-level element.
# [03:05] * Quits: BlurstOfTimes (~blurstoft@c-24-218-222-84.hsd1.ma.comcast.net) (Remote host closed the connection)
# [03:10] * Joins: jacobolus (~jacobolus@c-24-128-190-29.hsd1.ma.comcast.net)
# [03:10] * Joins: justinhjohnson (~Adium@67-131-94-2.dia.static.qwest.net)
# [03:10] * Quits: justinhjohnson1 (~Adium@67-131-94-2.dia.static.qwest.net) (Read error: Connection reset by peer)
# [03:10] * Quits: dave_levin (~dave_levi@nat/google/x-azsarcjppulayqfh) (Quit: dave_levin)
# [03:14] * Quits: justinhjohnson (~Adium@67-131-94-2.dia.static.qwest.net) (Ping timeout: 240 seconds)
# [03:21] * Quits: silanus (~silanus@p5DDE9ADE.dip.t-dialin.net) (Ping timeout: 255 seconds)
# [03:24] <Philip`> AryehGregor: It seems hard to judge the compatibility risk from the proportion of sites making more complex use of innerText, unfortunately
# [03:25] <Philip`> since there might be 10% of all sites using it in trivial ways and 0.01% using it in complex ways
# [03:25] * Quits: benschwarz (~ben@59.167.185.148) (Quit: benschwarz)
# [03:25] <Philip`> so looking through a list of sites using innerText won't show the difficult ones
# [03:25] <Philip`> which is a pain :-(
# [03:26] <Philip`> (It's much easier with features that are used on 0.01% of sites and not used anywhere else, because then you don't have to try hard to filter out huge amounts of trivial junk)
# [03:27] * Quits: chriseppstein (~chris@209.119.65.162) (Quit: chriseppstein)
# [03:28] * Joins: silanus (~silanus@p5DDE9704.dip.t-dialin.net)
# [03:28] * Quits: mloki (~mloki__@x1-6-00-10-a7-28-f3-47.k765.webspeed.dk) (Quit: Leaving)
# [03:29] <jamesr_> are you auditing major libraries?
# [03:32] * Quits: kurrik (~kurrik@nat/google/x-liagzquknisfenxr) (Quit: Leaving)
# [03:50] * bga_ is now known as bga_|away
# [03:51] * Quits: ttepasse (~ttepasse@ip-109-90-161-169.unitymediagroup.de) (Quit: Now time for the weather. Tiffany?)
# [03:51] <wirepair> does anyone implement the steps as outlined: http://dev.w3.org/html5/spec/Overview.html#autofocusing-a-form-control ?
# [03:52] <wirepair> in particular ff 4.0b11 and chrome 8.0.552 seem to disregard step #3
# [03:52] <wirepair> er sorry step #5
# [04:15] * Quits: silanus (~silanus@p5DDE9704.dip.t-dialin.net) (Read error: Operation timed out)
# [04:15] * Joins: silanus (~silanus@p5DDE9704.dip.t-dialin.net)
# [04:23] * bga_|away is now known as bga_
# [04:28] * Quits: saba (~foo@unaffiliated/saba) (Read error: Connection reset by peer)
# [04:30] * Quits: jamesr_ (~jamesr@nat/google/x-yjagwhyhpqkmrrab) (Quit: jamesr_)
# [04:33] * Quits: benjoffe (~benjoffe@63-235-13-3.dia.static.qwest.net) (Quit: benjoffe)
# [04:38] * Quits: Amorphous (jan@unaffiliated/amorphous) (Ping timeout: 272 seconds)
# [04:42] * Quits: othermaciej (~mjs@17.246.18.50) (Quit: othermaciej)
# [04:50] * Joins: jamesr_ (~jamesr@173-164-251-190-SFBA.hfc.comcastbusiness.net)
# [04:52] * Joins: Amorphous (jan@unaffiliated/amorphous)
# [04:55] * Quits: jamesr_ (~jamesr@173-164-251-190-SFBA.hfc.comcastbusiness.net) (Quit: jamesr_)
# [04:57] * Joins: yutak (~yutak@2401:fa00:4:1000:baac:6fff:fe99:adfb)
# [05:17] * Joins: micheil (~micheil@ppp121-44-200-221.lns20.syd7.internode.on.net)
# [05:28] * Quits: mdelaney (~mdelaney@c-69-181-26-199.hsd1.ca.comcast.net) (Quit: mdelaney)
# [05:30] * Quits: jwalden (~waldo@nat/mozilla/x-ytbvgybqbzlqqxdi) (Quit: over and out)
# [05:37] * Joins: justinhjohnson (~Adium@c-76-120-71-255.hsd1.co.comcast.net)
# [05:40] * Quits: nessy (~Adium@74.125.56.18) (Quit: Leaving.)
# [05:44] * Joins: benjoffe (~benjoffe@63-235-13-3.dia.static.qwest.net)
# [05:51] * Joins: benschwarz (~ben@59.167.185.148)
# [06:00] * Quits: weinig (~weinig@2620:0:1b00:1191:223:32ff:feaf:7f36) (Quit: weinig)
# [06:01] * Joins: othermaciej (~mjs@c-24-6-209-6.hsd1.ca.comcast.net)
# [06:05] * Quits: roc (~chatzilla@203-97-204-82.dsl.clear.net.nz) (Ping timeout: 276 seconds)
# [06:07] * Quits: benschwarz (~ben@59.167.185.148) (Quit: benschwarz)
# [06:08] * Quits: sholmes (~sholmes@ip68-231-192-98.oc.oc.cox.net) (Ping timeout: 240 seconds)
# [06:08] * Quits: agektmr (~Adium@2401:fa00:4:1012:fa1e:dfff:fee6:d74e) (Quit: Leaving.)
# [06:10] * Joins: agektmr (~Adium@2401:fa00:4:1012:fa1e:dfff:fee6:d74e)
# [06:12] <Hixie> hsivonen: do you recall why you wrote "the Document of the script element at the time the running a script
# [06:12] <Hixie> algorithm started"
# [06:12] <Hixie> rather than just the element's Document at the point in the running a script algorithm that the step is in?
# [06:13] <Hixie> i don't see anything that could make it different
# [06:14] <Hixie> hm i guess it's what the next step already says
# [06:14] <Hixie> i wonder why i did it that way
# [06:17] * Joins: jamesr_ (~jamesr@173-164-251-190-SFBA.hfc.comcastbusiness.net)
# [06:20] * Joins: sholmes (~sholmes@ip68-231-192-98.oc.oc.cox.net)
# [06:34] * Quits: boaz (~boaz@c-24-128-79-120.hsd1.ma.comcast.net) (Quit: boaz)
# [06:36] * Quits: doublec (~chris@unaffiliated/doublec) (Quit: Leaving)
# [06:36] * Joins: weinig (~weinig@c-24-130-56-198.hsd1.ca.comcast.net)
# [06:37] * Joins: estellevw (~estelle@adsl-99-8-226-179.dsl.pltn13.sbcglobal.net)
# [06:45] <Hixie> hey didn't we fix the spec to say that href="?from=1&to=2" was not an error?
# [06:46] * Quits: virtuelv (~virtuelv_@20.74.9.46.customer.cdi.no) (Ping timeout: 255 seconds)
# [06:46] <Hixie> MikeSmith: do you know if the validator was updated with the latest char ref stuff?
# [06:47] * Hixie blogs for the first time in 10 months
# [06:47] <MikeSmith> Hixie: how latest?
# [06:47] <Hixie> the stuff that made &to= not be a bug
# [06:48] <MikeSmith> you got a bug number?
# [06:48] <Hixie> no
# [06:48] * MikeSmith looks through http://hg.mozilla.org/projects/htmlparser/
# [06:49] <MikeSmith> I have not ever touched that part of the parser code myself
# [06:49] <Hixie> k
# [06:49] <Hixie> looks like it hasn't
# [06:49] <MikeSmith> and I don't remember Henri mentioning it
# [06:49] <Hixie> it says my blog is invalid, but it looks like from the spec that I finally buckled under the pressure and made that not a bug
# [06:49] <Hixie> not a conformance violation, i mean
# [06:49] <Hixie> so i guess it's a validator bug now
# [06:49] <Hixie> :-)
# [06:50] <Hixie> anyway, gotta go. bbl.
# [06:50] <MikeSmith> thanks!
# [06:50] <MikeSmith> I'll raise a bug for it
# [06:50] <MikeSmith> …and assign it to Henri
# [06:50] <Hixie> hsivonen will hopefully be happy that i finally fixed one of his script things :-)
# [06:50] <MikeSmith> hot potato
# [06:50] <Hixie> hehe
# [06:50] <Hixie> later
# [06:54] * Quits: weinig (~weinig@c-24-130-56-198.hsd1.ca.comcast.net) (Quit: weinig)
# [06:57] * Quits: justinhjohnson (~Adium@c-76-120-71-255.hsd1.co.comcast.net) (Quit: Leaving.)
# [06:58] * hsivonen looks for spec changes
# [06:58] <hsivonen> Hixie, MikeSmith: I thought I had fixed error reporting for ampersands in attribute values
# [06:59] * MikeSmith don't remember
# [07:00] * Joins: weinig (~weinig@c-24-130-56-198.hsd1.ca.comcast.net)
# [07:01] <MikeSmith> if so, I hope I didn't cause it to regress with any of my patches
# [07:02] <MikeSmith> but I don't recall touching that
# [07:05] <hsivonen> Hixie: thanks for fixing the async defaults to true bug!
# [07:05] * Quits: sephr (~Eli@c-98-235-63-240.hsd1.pa.comcast.net) (Ping timeout: 240 seconds)
# [07:10] * Quits: agektmr (~Adium@2401:fa00:4:1012:fa1e:dfff:fee6:d74e) (Quit: Leaving.)
# [07:10] * Quits: reni (~reni@sedkit.inf.u-szeged.hu) (Read error: Connection reset by peer)
# [07:14] * Joins: reni (~reni@sedkit.inf.u-szeged.hu)
# [07:17] * Quits: micheil (~micheil@ppp121-44-200-221.lns20.syd7.internode.on.net) (Ping timeout: 240 seconds)
# [07:21] * Parts: tw2113 (~tw2113@fedora/tw2113) ("IRC is just multiplayer notepad")
# [07:23] * Quits: estellevw (~estelle@adsl-99-8-226-179.dsl.pltn13.sbcglobal.net) (Remote host closed the connection)
# [07:36] * Joins: jwalden (~waldo@c-71-202-165-226.hsd1.ca.comcast.net)
# [07:37] * Joins: agektmr (~Adium@2401:fa00:4:1012:fa1e:dfff:fee6:d74e)
# [07:42] * Joins: kor (~kor@ip146-53-210-87.adsl2.static.versatel.nl)
# [07:54] * Parts: sholmes (~sholmes@ip68-231-192-98.oc.oc.cox.net) ("Leaving")
# [07:55] <hsivonen> wow. the IEblog WebM post sure has an astroturfy title
# [07:55] * Joins: virtuelv (~virtuelv_@pat-tdc.opera.com)
# [08:05] * Joins: anttio (~anttio@huittinen.of.frantic.com)
# [08:17] * Joins: onar_ (~onar@c-67-169-86-105.hsd1.ca.comcast.net)
# [08:18] * bga_ is now known as bga_|away
# [08:29] * Joins: rimantas (~rimliu@93.93.57.193)
# [08:34] * Joins: Xano (~bart@524BF837.cm-4-4d.dynamic.ziggo.nl)
# [08:35] * Joins: roc (~chatzilla@121.98.230.221)
# [08:38] * Joins: bga_ (~bga@ppp91-122-51-148.pppoe.avangarddsl.ru)
# [08:38] * bga_ is now known as _bga
# [08:41] * Quits: bga_|away (~bga@ppp91-122-51-148.pppoe.avangarddsl.ru) (Ping timeout: 276 seconds)
# [08:43] * Quits: Xano (~bart@524BF837.cm-4-4d.dynamic.ziggo.nl) (Quit: Beer o'clock!)
# [08:44] * Joins: danbri (~danbri@ip176-48-210-87.adsl2.static.versatel.nl)
# [08:47] * Joins: Maurice (~ano@a80-101-46-164.adsl.xs4all.nl)
# [08:47] * Quits: onar_ (~onar@c-67-169-86-105.hsd1.ca.comcast.net) (Quit: onar_)
# [08:48] * Quits: Maurice (~ano@a80-101-46-164.adsl.xs4all.nl) (Client Quit)
# [08:48] * Quits: danbri (~danbri@ip176-48-210-87.adsl2.static.versatel.nl) (Remote host closed the connection)
# [08:50] * Joins: Maurice (~ano@a80-101-46-164.adsl.xs4all.nl)
# [08:52] * Joins: bga_ (~bga@ppp91-122-51-148.pppoe.avangarddsl.ru)
# [08:52] * bga_ is now known as bga_|away
# [08:53] * Joins: danbri (~danbri@ip176-48-210-87.adsl2.static.versatel.nl)
# [08:55] * Quits: _bga (~bga@ppp91-122-51-148.pppoe.avangarddsl.ru) (Ping timeout: 255 seconds)
# [08:55] * Quits: bga_|away (~bga@ppp91-122-51-148.pppoe.avangarddsl.ru) (Read error: Connection reset by peer)
# [08:55] * Joins: erlehmann (~erlehmann@89.204.137.112)
# [09:00] * Quits: kor (~kor@ip146-53-210-87.adsl2.static.versatel.nl) (Quit: kor)
# [09:01] * Quits: jamesr_ (~jamesr@173-164-251-190-SFBA.hfc.comcastbusiness.net) (Quit: jamesr_)
# [09:05] * Joins: Frippe (~Frippe@238.218.216.81.static.hud.siw.siwnet.net)
# [09:08] * Joins: maikmerten (~merten@ls5dhcp197.cs.uni-dortmund.de)
# [09:12] * Joins: pesla (~pesla@188.202.125.121)
# [09:15] * Joins: Xano (~bart@524BF837.cm-4-4d.dynamic.ziggo.nl)
# [09:16] <othermaciej> hsivonen: seems a little funny for them to call themselves "the community" but Dean has a good point about the standards status of WebM and Google's seeming disinterest in making it a real standard
# [09:17] * Joins: mhausenblas (~mhausenbl@wlan-nat.fwgal01.deri.ie)
# [09:18] * Joins: mhausenblas_ (~mhausenbl@wg1-nat.fwgal01.deri.ie)
# [09:19] * Quits: weinig (~weinig@c-24-130-56-198.hsd1.ca.comcast.net) (Quit: weinig)
# [09:22] * Quits: mhausenblas (~mhausenbl@wlan-nat.fwgal01.deri.ie) (Ping timeout: 255 seconds)
# [09:22] * mhausenblas_ is now known as mhausenblas
# [09:23] <Hixie> what is a "real" standard?
# [09:24] <othermaciej> I guess that's hard to say
# [09:24] <othermaciej> but I would say (a) controlled exclusively by a single corporation; and (b) defined in terms of a single specific implementation, bugs and all; are disqualifying conditions
# [09:25] <Hixie> (b) seems resolved (http://tools.ietf.org/html/draft-bankoski-vp8-bitstream-00)
# [09:25] <Hixie> dunno what the status on (a) is
# [09:26] <othermaciej> "If there are any conflicts between this document and the reference source
# [09:26] <othermaciej> code, the reference source code should be considered correct. The
# [09:26] <othermaciej> bitstream is defined by the reference source code and not this
# [09:26] <othermaciej> document."
# [09:30] * Quits: jwalden (~waldo@c-71-202-165-226.hsd1.ca.comcast.net) (Quit: ChatZilla 0.9.86-rdmsoft [XULRunner 1.9.2.13/20110103133706])
# [09:32] * Quits: nattokirai (~nattokira@rtr.mozilla.or.jp) (Quit: nattokirai)
# [09:32] <hsivonen> othermaciej: yeah, it looks bad that WebM hasn't been blessed by something like ECMA.
# [09:33] <hsivonen> personally, I think that at this point it would be bad to bikeshed the bitstream
# [09:33] * hsivonen would hate to see WebM have the fate of Web Socket
# [09:33] <othermaciej> yeah, better not submit it to the IETF
# [09:36] <hsivonen> has OpenType been blessed by ISO without bikeshedding?
# [09:37] <Hixie> othermaciej: hm, yeah, that's sad. oh well.
# [09:37] <Hixie> reference implementations are a terrible way to spec technology
# [09:37] <hsivonen> that is, is OpenType basically an "open" spec where the participating communite was Microsoft and Adobe?
# [09:37] <hsivonen> (at the time of speccing the details)
# [09:37] <hsivonen> *community
# [09:38] <othermaciej> I know nothing of the history
# [09:38] <othermaciej> it is apparently an ISO standard now
# [09:38] <othermaciej> (according to Wikipedia)
# [09:39] <hsivonen> anyway, if stuff works and is RF, I don't think it's inherently bad that a format was set by one or a couple of players instead of a wide committee
# [09:40] <hsivonen> PDF up to and including 1.4 works pretty well, though the spec was Adobe-controlled
# [09:41] <hsivonen> from 1.5 onwards, I'm pretty happy that Apple de facto limited how crazy Adobe could make the format that can be deployed
# [09:41] <othermaciej> Java being controlled by Sun is perhaps a more problematic example
# [09:41] <othermaciej> notwithstanding claimed RF commitments
# [09:42] <othermaciej> PDF in the wild is unfortunately still a bit too crazy
# [09:42] <hsivonen> Java is not a file format, though
# [09:42] <hsivonen> program execution environments are rather hard to make interoperate when they get as large and Java's default libs
# [09:42] <othermaciej> there are sites that use PDF scripting solely to print things
# [09:42] <othermaciej> by making self-printing PDFs that use JavaScript to do it, basically
# [09:43] <hsivonen> I think JS in PDF is one of the part where Adobe went into the weeds
# [09:43] <hsivonen> the Adobe Intelligent Document Platform in general is, IMO
# [09:43] <othermaciej> I would agree that Java is not *just* a file format
# [09:43] <othermaciej> but .class is sent over the wire just the same as .pdf or .html or .swf
# [09:43] <hsivonen> othermaciej: well, sure, Java has a file format as a component, but it's not the interesting part
# [09:43] * Joins: gonemad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com)
# [09:44] <hsivonen> it's a necessary part, but not at all the hard part interop-wise
# [09:44] <hsivonen> (well, depends on whether you count byte code verification as part of the format)
# [09:45] * Joins: kal-EL_ (~jor-EL@host195-73-dynamic.11-79-r.retail.telecomitalia.it)
# [09:46] <othermaciej> it kind of boggles the mind that HTML4 added a tag solely for embedding Java programs
# [09:46] <erlehmann> hsivonen, watch the talk OMG WTF PDF from 27th chaos communication congress. you may be surprised.
# [09:46] <erlehmann> PDF basically is a mess.
# [09:46] * Quits: workmad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com) (Ping timeout: 276 seconds)
# [09:46] <erlehmann> even without taking javascript into account
# [09:47] <othermaciej> that reminds me that PDF and Java are also huge vectors for malware delivery via the browser
# [09:47] <erlehmann> slides are here http://events.ccc.de/congress/2010/Fahrplan/events/4221.en.html
# [09:49] <othermaciej> don't know if this relates to the de-facto mostly-single-implementation nature
# [09:50] <hsivonen> erlehmann: I've read the entire PDF spec as it existed in 2002 (1.4 probably). I know it's an evolutionary mess, but it still works remarkably well for capturing resolution-independent final-form paginated graphics.
# [09:50] <hsivonen> othermaciej: PDF or Adobe Reader?
# [09:51] <hsivonen> othermaciej: is anyone delivering malware via Preview, Foxit or Evince?
# [09:51] <othermaciej> hsivonen: I suspect you are a lot safer browsing PDFs on a Mac if you don't install Adobe Reader
# [09:51] * hsivonen doesn't count one of the iPhone jailbreaks as malware, because users wanted to have their phones jailbroken
# [09:52] <erlehmann> hsivonen, mea culpa for underestimating your ability to withstand spec-induced pain. but you should still fast-forward through the talk, its funney :)
# [09:52] <hsivonen> erlehmann: lol. the slides are in... PDF!
# [09:53] <hsivonen> but 404 :-(
# [09:53] <erlehmann> hsivonen, brace for impact
# [09:53] <erlehmann> oops
# [09:55] <erlehmann> hsivonen, http://blog.fireeye.com/files/27c3_julia_wolf_omg-wtf-pdf.pdf
# [09:56] <erlehmann> possibly her best quote “It's called Adobe Acrobat because it'll bend over backwards!”
# [09:57] <erlehmann> relevant blog post http://blog.fireeye.com/research/2011/02/omg-wtf-pdf-denouement.html
# [09:57] <hsivonen> speaking of PDF, who wants to bet on http://www.w3.org/Bugs/Public/show_bug.cgi?id=11962 ending up FIXED?
# [09:59] * Joins: ROBOd (~robod@109.96.198.148)
# [10:00] <othermaciej> maybe closed as WORKSFORME citing canvas...
# [10:00] <othermaciej> (though of course, I don't think anyone implements that hypothetically possible feature)
# [10:00] <erlehmann> hsivonen, when you read the PDF spec, was the launch action already available? did you get all “WTF were they thinking?” or was it just “this is wrong in a consistent and expected way”?
# [10:01] <hsivonen> erlehmann: I don't recall, but by that time, they had already dabbled with video in PDF, which misses the core comptence of PDF spectacularly
# [10:02] <erlehmann> othermaciej, i do not understand what problems baddi is having with printing to files.
# [10:02] <hsivonen> erlehmann: that presentation seems to be a recount of all the crazy stuff that I'm happy that Apple doesn't support and, therefore, is confined to ill-fated intranets and Adobe Reader-based exploits
# [10:02] <erlehmann> hsivonen, lets hope they converted the videos to CMYK, otherwise printers are not gonna print the- OH WAIT :D
# [10:04] <erlehmann> does apple use libpoppler or something home-grown?
# [10:04] <hsivonen> erlehmann: home-grown, I imagine
# [10:04] <hsivonen> I haven't seen their source
# [10:05] <hsivonen> but yeah, it's scary that people actually have Adobe Reader installed and use it given all those "features"
# [10:05] * Quits: pesla (~pesla@188.202.125.121) (Quit: Computer has gone to sleep.)
# [10:07] * Joins: kor (~kor@ip146-53-210-87.adsl2.static.versatel.nl)
# [10:07] * Joins: matjas (~matjas@91.182.15.61)
# [10:08] * hsivonen wonders what codebase Chrome's bundled PDF reader comes from
# [10:08] * Joins: pesla (~pesla@188.202.125.121)
# [10:08] <erlehmann> its funny what kind of computing environments i see in my peer groups. even the non-nerds mostly use linux or os x.
# [10:09] <erlehmann> but when i visited an indie game jam recently, almost every single team developed for windows/xbox or flash. on windows.
# [10:10] <erlehmann> those are the kinds of people affected by adobe reader exploits and i am happy i do not have to put up with that.
# [10:10] <erlehmann> (some even got angry when i asked about their source repositories. so the culture shock goes both ways.)
# [10:11] * Quits: gonemad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com) (Remote host closed the connection)
# [10:13] * Joins: zcorpan (~zcorpan@c-8d9ae355.410-6-64736c14.cust.bredbandsbolaget.se)
# [10:13] <othermaciej> I don't understand how anyone could possibly program without version control
# [10:14] <erlehmann> ha! the two teams having version control used SVN!
# [10:14] <erlehmann> (out of … 11?)
# [10:16] <erlehmann> fun fact: several years ago, i saw the SVN repository of a student group having to do an assignment that included having to use version control to pass.
# [10:16] <erlehmann> it included directories named 2006-11-01 and so on.
# [10:16] <erlehmann> for every single day they had coded something.
# [10:16] <erlehmann> my face was like ._.
# [10:18] * Quits: kal-EL_ (~jor-EL@host195-73-dynamic.11-79-r.retail.telecomitalia.it) (Quit: ChatZilla 0.9.86 [Firefox 3.6.13/20101203075014])
# [10:18] * Joins: david_carlisle (~davidc@62.231.145.254)
# [10:27] * Quits: Xano (~bart@524BF837.cm-4-4d.dynamic.ziggo.nl) (Quit: Beer o'clock!)
# [10:42] * Joins: kal-EL_ (~jor-EL@host195-73-dynamic.11-79-r.retail.telecomitalia.it)
# [10:43] * Quits: agektmr (~Adium@2401:fa00:4:1012:fa1e:dfff:fee6:d74e) (Quit: Leaving.)
# [10:43] <connrs> [A
# [10:43] * Quits: connrs (~paul@host86-136-129-234.range86-136.btcentralplus.com) (Quit: leaving)
# [10:50] * Joins: mloki (~mloki__@x1-6-00-10-a7-28-f3-47.k765.webspeed.dk)
# [10:50] * Quits: Lachy (~Lachlan@cm-84.215.59.50.getinternet.no) (Quit: This computer has gone to sleep)
# [10:59] <webr3> is CORS anywhere near going to LC?
# [11:03] * Quits: pesla (~pesla@188.202.125.121) (Quit: Computer has gone to sleep.)
# [11:05] <roc> "PDF: a native code execution format pioneered by Adobe" (shaver quote)
# [11:05] * Joins: pesla (~pesla@188.202.125.121)
# [11:06] * Joins: Lachy (~Lachlan@pat-tdc.opera.com)
# [11:06] <erlehmann> roc, especially funny about the talk is julia wolfs idea in the beginning, that if the model was slightly different, adobe would have re-invented lisp.
# [11:07] <roc> I think Google *wants* WebM to be a real standard, but is just failing to do anything useful about it
# [11:08] <roc> I admit that it's hard to tell
# [11:08] <hsivonen> erlehmann: AFAICT, except for the length versus sentinel stuff, I think most craziness wasn't fundamental to PDF's original design
# [11:08] <hsivonen> erlehmann: rather, horrible, horrible later day misfeatures and Reader bugs
# [11:08] * Joins: ZombieLoffe (~e@unaffiliated/zombieloffe)
# [11:09] <hsivonen> FWIW, I think it would be good for Firefox to have a built-in PDF reader that supports roughtly the Apple/Evince subset
# [11:09] <hsivonen> *roughly
# [11:09] * Quits: virtuelv (~virtuelv_@pat-tdc.opera.com) (Ping timeout: 260 seconds)
# [11:10] <roc> we should write one in JS
# [11:12] <hsivonen> roc: a PDF to SVG converter in JS would make sense if SVG had the ability to access fonts by glyph index instead of Unicode character
# [11:12] <roc> we could add that
# [11:13] <hsivonen> roc: so some stuff would need to be added, but yeah, I think writing one in JS (by converting to SVG) would make sense
# [11:14] <hsivonen> though I wonder how that would perform compared to Evince or Preview
# [11:14] <roc> you'd have to do some experiments to see if it can be competitively fast
# [11:14] <roc> is PDF fully programmable like PS?
# [11:15] <hsivonen> roc: if you count the misfeatures, it is! (with JavaScript)
# [11:15] <roc> I mean the sane subset
# [11:15] <hsivonen> roc: no
# [11:15] <jgraham> I thought originally I was supposed to be less programmable
# [11:15] <jgraham> Indeed, I thought that was the value proposition
# [11:15] <jgraham> But I might be wrong
# [11:15] <erlehmann> roc, multiple indepentent implementations, royalty-free patent licensing, IETF draft for vp8 bitstream … it is hard to tell what is missing.
# [11:15] <roc> what maciej said, at least, part #2
# [11:16] <hsivonen> erlehmann: that the IETF drafts is on the "informational" track?
# [11:16] <erlehmann> hsivonen, i see what you did there.
# [11:17] * Joins: jeremyselier (~Jeremy@pro75-4-82-238-200-10.fbx.proxad.net)
# [11:17] <hsivonen> roc: oh, and I'm assuming the sane subset covers only outline fonts with TrueType or CFF outlines
# [11:17] <hsivonen> roc: not Type 3 stuff and such
# [11:18] <hsivonen> I'm not sure if Type 3 has crazy programmability. I suspect it does.
# [11:18] <erlehmann> hsivonen, but it should serve to appease the „oh noes i have to read googles code to get anything done“ crowd
# [11:18] <roc> we'd just repack embedded fonts into data: URLs
# [11:18] <erlehmann> cue code examples excerpts from the draft.
# [11:19] * Joins: smaug____ (~chatzilla@dsl-hkibrasgw4-fe45dc00-171.dhcp.inet.fi)
# [11:19] <hsivonen> roc: might be worth seeing how far Adobe Mars got
# [11:19] <hsivonen> as I undestand it, they tried to support the PDF feature set with SVG syntax
# [11:27] <othermaciej> erlehmann: the IETF draft explicitly says that the reference implementation is authoritative, and not the draft
# [11:27] * Joins: nessy (~Adium@124-171-47-99.dyn.iinet.net.au)
# [11:28] <othermaciej> erlehmann: as I said earlier: http://krijnhoetmer.nl/irc-logs/whatwg/20110203#l-546
# [11:28] * Joins: virtuelv (~virtuelv_@guest.opera.com)
# [11:28] <jgraham> hsivonen: Ignoring the fundamental design that you don't like, did you have some suggestion about the API for signalling to testharness.js "there are more results coming, please hold"
# [11:28] * Quits: virtuelv (~virtuelv_@guest.opera.com) (Client Quit)
# [11:28] <jgraham> I seem to recall that you did
# [11:29] * jgraham has a problem that he is not sure how to solve in the nicest way
# [11:29] <erlehmann> othermaciej, oh. i guess that is the #whatwg version of slashdots RTFA, then.
# [11:29] <othermaciej> so yeah, you do have to read and reverse-engineer Google's code if you want to independently reimplement it
# [11:29] <erlehmann> othermaciej, thanks.
# [11:30] <othermaciej> not only in theory, but apparently the people who wrote an independent decoder said had to consult the source too
# [11:30] <hsivonen> jgraham: I think the default should be "there are more results coming, please hold"
# [11:30] <jgraham> (I have a file with many tests. I would like each test to have a rather short timeout, and the overall file to have a rather long timeout. I would ideally like to declare all the tests upfront so that if the file times out it is obvious what went wrong rather than just getting fewer results than expected)
# [11:30] <hsivonen> jgraham: and once there aren't more results coming, the test script should have to call finish();
# [11:30] <othermaciej> they claimed (I have no basis to verify) that the spec is extremely vague and flat contradicts what the code does in a number of places
# [11:30] * Quits: homata__ (~homata@58x158x182x50.ap58.ftth.ucom.ne.jp) (Quit: Leaving...)
# [11:31] <erlehmann> othermaciej, so getting the bitstream fixed is not a priority for google? a truly sad thing :/
# [11:31] <othermaciej> by "fixed" do you mean "frozen" or "made correct"?
# [11:31] <jgraham> hsivonen: Hmm, OK.
# [11:31] <jgraham> Not really backwards compatible
# [11:32] <othermaciej> because I believe it is already declared frozen, but based on the behavior of their implementation, not any spec
# [11:32] <jgraham> But maybe enough to give me an idea
# [11:33] <erlehmann> othermaciej, i meant frozen. but if they do not change their implementation, i guess thats as good as it can get.
# [11:33] <hsivonen> jgraham: the alternative is doing what Mochitest does.
# [11:33] <hsivonen> jgraham: where the test first calls waitForExplicitFinish()
# [11:33] <hsivonen> jgraham: and then later finish();
# [11:34] <hsivonen> jgraham: but in my experience, it makes more sense to make waiting the default mode
# [11:36] <jgraham> hsivonen: It seems people want a setup() function anyway that you can use to run code before any tests. I was thinking that being able to do setup({waitForExplicitFinish:true}) or similar might work
# [11:36] <jgraham> and leave the option of flipping the default later
# [11:37] <hsivonen> jgraham: I suggest using something less verbose than what Mochitest uses
# [11:37] <jgraham> waitForExplicitFinish is very long for sure
# [11:37] <hsivonen> jgraham: I have to copy and paste the mochitest stuff from a wiki every. single. time.
# [11:37] <hsivonen> like namespace URLs
# [11:37] <othermaciej> WebKit tests default is that the test is considered done after it finishes loading unless it earlier asks the harness to wait until it calls an explicit done method
# [11:38] <othermaciej> (waitUntilDone() / notifyDone() are the calls)
# [11:38] <hsivonen> othermaciej: that's the Mochitest model
# [11:38] <jgraham> That sounds very like the model I am thinking of too :)
# [11:38] <hsivonen> othermaciej: my observation is that almost always the explicit waiting mechanism is needed anyway
# [11:38] <othermaciej> I think it is convenient for the significant subset of script tests that can be done fully syncrhonously or in onload
# [11:38] <hsivonen> ok.
# [11:39] <roc> It seems to me that I have to use SimpleTest.waitForFinish() and SimpleTest.finish() in every single test I write
# [11:39] <roc> maybe it's just me
# [11:40] <jgraham> Maybe Mochikit and the WebKit harness encourage different styles
# [11:40] * Quits: Lachy (~Lachlan@pat-tdc.opera.com) (Quit: Leaving)
# [11:40] <othermaciej> a lot of the tests I have written have been for DOM APIs or pure JavaScript
# [11:40] * Joins: Lachy (~Lachlan@pat-tdc.opera.com)
# [11:41] <othermaciej> so that may have an impact on my perception
# [11:42] * Joins: workmad3 (~workmad3@cspool123.cs.man.ac.uk)
# [11:42] <jgraham> Yeah, testing pure javascript is rather easier than testing complex async APIs
# [11:42] <zcorpan> the experience i have so far with testharness.js is that for future tests i write i'm only going to use async_test even if the test i write is sync in nature
# [11:42] <othermaciej> editing tests are mostly not async either
# [11:43] <roc> ok, rough numbers, 1590 out of 3131 mochitests use waitForExplicitFinish
# [11:43] <zcorpan> because then i can copy/paste the same code for the next test regardless of whether i want it to be sync or async
# [11:43] <jgraham> zcorpan: OOI why? Also, I didn't know you had used it :)
# [11:43] <jgraham> Heh
# [11:44] <zcorpan> jgraham: only a little
# [11:44] <zcorpan> jgraham: also i would like step() to return a function :)
# [11:44] <jgraham> zcorpan: Me too.
# [11:45] <jgraham> zcorpan: I just don't fancy changing all the existing tests :(
# [11:45] <zcorpan> i tested if using onevent = new t.step(function(){...}) would work but it seems it doesn't
# [11:45] * Quits: Lachy (~Lachlan@pat-tdc.opera.com) (Quit: Leaving)
# [11:46] * Quits: torvalamo (~loriisacu@c3373BF51.dhcp.bluecom.no) (Ping timeout: 240 seconds)
# [11:46] * Joins: Lachy (~Lachlan@pat-tdc.opera.com)
# [11:46] * jgraham tries to remember how branching works in hg
# [11:47] <roc> "hg update -r <changeset>", make some changes, "hg commit"?
# [11:49] <jgraham> Well specifically named branched
# [11:49] <jgraham> *branches
# [11:49] <jgraham> What git would call branches
# [11:50] * Quits: Lachy (~Lachlan@pat-tdc.opera.com) (Client Quit)
# [11:51] * Joins: Lachy (~Lachlan@pat-tdc.opera.com)
# [11:51] * Quits: Lachy (~Lachlan@pat-tdc.opera.com) (Client Quit)
# [11:51] * Joins: torvalamo (~loriisacu@c3373BF51.dhcp.bluecom.no)
# [11:51] * Joins: Lachy (~Lachlan@pat-tdc.opera.com)
# [11:54] * Quits: erlehmann (~erlehmann@89.204.137.112) (Quit: Ex-Chat)
# [11:54] * Quits: Rik` (~Rik`@pha75-2-81-57-187-57.fbx.proxad.net) (Remote host closed the connection)
# [11:55] * Parts: toyoshim (~toyoshim@y252189.dynamic.ppp.asahi-net.or.jp)
# [11:58] * Quits: jeremyselier (~Jeremy@pro75-4-82-238-200-10.fbx.proxad.net) (Ping timeout: 240 seconds)
# [12:03] * Joins: jeremyselier (~Jeremy@pro75-4-82-238-200-10.fbx.proxad.net)
# [12:07] * Joins: yusukes (~yusukes@2401:fa00:4:1000:224:81ff:fec1:6444)
# [12:08] * Quits: smaug____ (~chatzilla@dsl-hkibrasgw4-fe45dc00-171.dhcp.inet.fi) (Ping timeout: 240 seconds)
# [12:10] * Quits: benjoffe (~benjoffe@63-235-13-3.dia.static.qwest.net) (Ping timeout: 246 seconds)
# [12:11] * Joins: benjoffe (~benjoffe@63-235-13-3.dia.static.qwest.net)
# [12:21] * Joins: Rik` (~Rik`@mozilla-paris-222-194.cnt.nerim.net)
# [12:28] * Quits: wakaba_1 (~wakaba_@122x221x184x68.ap122.ftth.ucom.ne.jp) (Quit: Leaving...)
# [12:30] * Quits: lumely (~lumely@dhcp2-186.slis.tsukuba.ac.jp) (Read error: Connection reset by peer)
# [12:31] <hsivonen> Hixie: I think conceptually, innerHTML, createContextualFragment and XSLTProcessor.transformToFragment are shortcuts for creating DOM subtrees in script
# [12:32] <hsivonen> Hixie: since innerHTML-created scripts don't run anyway, it's safe to consider them as not parser-created
# [12:32] <hsivonen> Hixie: so that the force-async stuff is observable in a way that's consistent for DOM subtrees created without such shortcuts
# [12:33] <hsivonen> Hixie: it only matters if someone really wishes to read the .async property on innerHTML-created scripts
# [12:33] <hsivonen> also, I wonder if mattmay has noticed what the IETF's patent policy is like
# [12:34] <hsivonen> (not to suggest that IETF's makes the WHATWG's lack of policy better, but just to put things in perspective)
# [12:35] * Joins: pesla_ (~pesla@188.202.125.121)
# [12:36] * Joins: lumely (~lumely@dhcp2-186.slis.tsukuba.ac.jp)
# [12:37] * Quits: workmad3 (~workmad3@cspool123.cs.man.ac.uk) (Remote host closed the connection)
# [12:38] * Quits: pesla (~pesla@188.202.125.121) (Ping timeout: 240 seconds)
# [12:39] * Quits: zcorpan (~zcorpan@c-8d9ae355.410-6-64736c14.cust.bredbandsbolaget.se) (Quit: zcorpan)
# [12:39] * Joins: zcorpan (~zcorpan@c-8d9ae355.410-6-64736c14.cust.bredbandsbolaget.se)
# [12:42] * Joins: workmad3 (~workmad3@cspool123.cs.man.ac.uk)
# [12:56] <jgraham> Philip`: fwiw, it seems like PyPy has better than a factor of 2 wins for the benchmarks where you might expect it i.e. ones that sound like they are calculations in loops
# [12:57] <jgraham> e.g. it is about 20x faster for "raytrace-simple"
# [13:01] * Joins: remysharp (~remysharp@cpc2-brig17-2-0-cust448.3-3.cable.virginmedia.com)
# [13:01] * Quits: remysharp (~remysharp@cpc2-brig17-2-0-cust448.3-3.cable.virginmedia.com) (Client Quit)
# [13:05] <karlcow> hsivonen: if you see errors into http://www.la-grange.net/2011/02/03/standard-organization
# [13:05] <hsivonen> jgraham: why would PyPy have perf wins over anything?
# [13:06] <hsivonen> isn't PyPy python implemented in python?
# [13:06] <jgraham> hsivonen: Yes, but they also implemneted a JIT
# [13:06] <jgraham> So it is faster than CPython for many cases
# [13:06] <hsivonen> jgraham: what does in JIT to?
# [13:07] <hsivonen> karlcow: I don't see errors, but I don't know OMG, OASIS or WAPF policies well enough to check correctness
# [13:07] <jgraham> hsivonen: Machine code I assume
# [13:07] <hsivonen> karlcow: oh, and I believe ISO WGs can decide to be RF if they want to
# [13:07] <hsivonen> karlcow: don't take my word for that, though
# [13:08] <jgraham> karlcow: I suppose it is obvious that you seem to be missing some people
# [13:08] <hsivonen> karlcow: I believe the original JPEG Baseline wasn't RF by accident but the group deliberately wanted to have an RF Baseline profile
# [13:08] <hsivonen> karlcow: so arithmetic coding wasn't put into Baseline
# [13:08] * Quits: pesla_ (~pesla@188.202.125.121) (Quit: Computer has gone to sleep.)
# [13:08] <hsivonen> and of course, everyone implemented just the baseline
# [13:09] <hsivonen> so the existence of non-Baseline is mainly an academic thing
# [13:09] <hsivonen> blame IBM
# [13:09] <hsivonen> for not making arithmetic coding RF back then
# [13:10] <hsivonen> basically, we've been transmitting more bits than known to be necessary for the lifetime of the Web
# [13:10] <hsivonen> so that IBM could make a buck
# [13:11] <hsivonen> except no one wanted to take a license from them so everyone lost
# [13:11] <hsivonen> IBM didn't get money and everyone else didn't get better compression
# [13:11] <hsivonen> sadness
# [13:16] * Quits: MikeSmith (~MikeSmith@2002:d106:7be0:1234:219:e3ff:fe08:8ad3) (Ping timeout: 272 seconds)
# [13:16] <karlcow> it is a cut n paste of a table I made in 2002
# [13:16] * Quits: roc (~chatzilla@121.98.230.221) (Ping timeout: 240 seconds)
# [13:17] * Joins: MrOpposite (~mropposit@unaffiliated/mropposite)
# [13:20] <hsivonen> hmm. so it looks like there is an actual disposition of comments for ARIA that includes my comments
# [13:20] <hsivonen> http://www.w3.org/WAI/PF/comments/issue_disposition_report?document_version_id=1
# [13:21] <hsivonen> but the latest version links to a different DoC that makes it look like those comments didn't exist
# [13:21] * Quits: nessy (~Adium@124-171-47-99.dyn.iinet.net.au) (Quit: Leaving.)
# [13:22] <hsivonen> I find it interesting that the PF claims that some of the feedback items that I've raised have the disposition "Accepted proposal" when my Acknowledgement is "Do not accept"
# [13:23] <hsivonen> I wonder if I should have made some of those Formal Objections
# [13:25] <hsivonen> I wonder what the CR exit criteria for ARIA is...
# [13:26] <hsivonen> if they are serious about CR exit criteria (like CSS is), some of my comments that they didn't address should block exit from CR
# [13:26] <hsivonen> unless implementors do something silly
# [13:27] <zcorpan> has ARIA fixed the <body>-or-<frameset>-is-the-root-element-in-HTML thing?
# [13:27] <hsivonen> zcorpan: dunno
# [13:27] <hsivonen> item 5 in ARIA CR exit criteria is "Verify interoperable results: Find at least two implementations of each normative requirement where the defined behavior for the respective accessibility API is observed. "
# [13:28] <hsivonen> maybe I should check if e.g. the role=math stuff is formulated as a normative requirement
# [13:28] <hsivonen> because it's easy to pull the XHTML2 WG trick of exiting CR by not having normative requirements
# [13:31] <zcorpan> it seems the definition of "ARIA root" (or whatever it was called) is gone, but there's still "authors SHOULD set the role of application on the root node for content, such as the body element in HTML or svg element in SVG."
# [13:31] <hsivonen> on a more positive note, role=math has gained examples: http://www.w3.org/TR/wai-aria/complete#math
# [13:32] <hsivonen> the spec text itself doesn't make it at all clear what they meant
# [13:32] <hsivonen> it's bad if one has to look at examples to decrypt the spec text
# [13:33] <hsivonen> the sentence 'This role provides a hook whereby a plug-in mechanism can provide multi-modal access to compliant MathML, as well as enabling support for MathML in "mainstream" user agents.' is just weird
# [13:33] <zcorpan> i think "math" should be axed, and argued my case when it was introduced but i didn't win
# [13:34] <zcorpan> role=math for mathml makes no sense at all
# [13:34] <zcorpan> role=math for LaTeX makes some sense, but it's not defined how it should work at all
# [13:35] <zcorpan> seems better to focus on MathML
# [13:36] <hsivonen> http://www.w3.org/WAI/PF/aria-implementation/#exclude_elements is truly bizarre as far as math goes
# [13:37] <jgraham> zcorpan: LaTeX may have a better a11y story at present
# [13:37] <hsivonen> is it now the WAI position that math accessibility won't be achieved by MathML getting spoken out but by authors providing textual representations of math as aria-label and the MathML stuff getting suppressed?
# [13:38] * Joins: annevk (~annevk@pat-tdc.opera.com)
# [13:38] <jgraham> At least there are > 0 screenreader implementation that understand LaTeX but I am not sure about MathML
# [13:38] <annevk> hah, not even cold in Oslo
# [13:38] <hsivonen> jgraham: Math Player does MathML to speech
# [13:38] <hsivonen> jgraham: for LaTeX, do you mean AsTeR?
# [13:38] <jgraham> hsivonen: Interesting. Know if it is any good?
# [13:38] <annevk> webr3, if you're around now...
# [13:38] <hsivonen> jgraham: I don't
# [13:39] <jgraham> hsivonen: Possibly. I have heard they exist at least
# [13:39] <hsivonen> jgraham: should be easy enough to try if you have a Windows VM around
# [13:39] <jgraham> And it seems more generally useful since blind people publishing math content will probably have to use LaTeX anyway
# [13:39] <jgraham> Or Microsoft word, I guess
# [13:40] <jgraham> But LaTeX in maths/physical sciences
# [13:41] <hsivonen> I guess I'll raise a CR comment about role=math
# [13:41] <hsivonen> because the spec text sucks
# [13:41] <hsivonen> even if one accepts the design that can be inferred from the Implementor's Guide and the examples taken together
# [13:44] * annevk should probably read the backlog
# [13:45] * jgraham wishes it were easy to pause a setTimeout
# [13:46] <jgraham> Hmm, maybe I don't need it
# [13:51] * Joins: roc (~chatzilla@121.98.230.221)
# [13:51] * webr3 is around in about 2 minutes, need to grab a drink
# [13:55] * Joins: kennyluck (~kennyluck@114-25-245-13.dynamic.hinet.net)
# [13:58] <annevk> webr3, having reread, what you think about namespaces is somewhat separate from thinking you can do things over
# [13:58] <annevk> webr3, "XHTML 2.0" is sort of the canonical example of how reinventing a language and "improving" it slightly is not working in practice
# [13:59] <annevk> webr3, with which I meant to say that reinventing the web security model is not going to work in practice
# [13:59] <annevk> webr3, not until the web is replaced
# [14:02] <webr3> annevk, on namespaces: did you see my comments on namespaces, rdfa and html to the tag before? http://lists.w3.org/Archives/Public/www-tag/2011Feb/0032.html
# [14:02] * Joins: MikeSmith (~MikeSmith@31-35-219.wireless.csail.mit.edu)
# [14:04] <webr3> annevk, on web security I'm not saying CORS doesn't deal with the hear and now, it does - I'm saying that it doesn't cater for / help reverse the insecurities of the web in any way, there is something fundamentally flawed when you can do insecure stuff and be "logged in" by passing a string token in plain text (cookies) ...
# [14:05] <webr3> and when you cannot read a comment in a script included remotely, but when you can execute a function from that script
# [14:05] <webr3> and when most of the web APIs in the world use things like JSONP and not CORS, the former being a cross origin request that executes code from another library
# [14:06] <annevk> well yes, you have said that before, and I believe I replied with that we hope that will change once CORS is more widely implemented
# [14:08] <webr3> aside: obviously it's nothing personal in any way, and all a means to the same end, same side as it were, just want people to be secure/safe on line and have a good experience on line - it'd be good if both approaches could be combined (deal with the hear and now, move to a "securer" web from both a security and privacy standpoint, long term, and not /just/ for the browsers, but for everyone
# [14:08] <annevk> the problem is unique to browsers though
# [14:08] <webr3> I really don't have much else to say other than that, but do want to stress that I'm not just some random academic who uses decade old techs, rather a dev who wants to use the techs of the next decade
# [14:09] <webr3> annevk, it's not - honestly
# [14:09] <annevk> no need to say you're honest, you can give me an example
# [14:09] * Quits: stalled (~stalled@unaffiliated/stalled) (Ping timeout: 265 seconds)
# [14:10] <annevk> ;)
# [14:11] <webr3> if an intranet is insecure because data can pass between the local net and internet, then it's insecure, and any program w/ tcp access is as vulnerable as the next - likewise if a website can be comprimised because a cookie can be sniffed and used to auth, then its comprimised for all clients, not just browsers (firesheep anybody?)
# [14:13] <webr3> non of it can be addressed overnight - if intranets were secured properly, and XHR simply stripped all headers like cookie and the like (unsafe ones) then we'd all be in a better place
# [14:13] <hsivonen> I sent yet another comment: http://lists.w3.org/Archives/Public/www-math/2011Feb/0001.html
# [14:13] <webr3> disagree?
# [14:14] <hsivonen> webr3: then you couldn't use XHR for services that need login, which would be bad, too
# [14:14] <hsivonen> (or you'd need to implement XHR credentials explicitly in JS)
# [14:15] <webr3> or use HTTP+TLS w/ client side certs or by havign an api and protocol which used TLS extensions to pass username and password like SRP
# [14:16] <webr3> "login" shouldn't be happening though.. HTTP is stateless, TLS isn't, stateful auth at TLS session level = cool, stateful HTTP = not cool
# [14:17] <webr3> we all know it's the source of almost every security vuln there is on the web and in the browsers
# [14:17] <webr3> none of us can argue that
# [14:18] <hsivonen> webr3: HTTP being stateless is fiction
# [14:19] <hsivonen> webr3: how do things become better if ambient state moves to the TLS layer?
# [14:19] <hsivonen> webr3: or would you make it non-ambient?
# [14:19] <hsivonen> (how?)
# [14:20] <webr3> well no, state should be maintained on the client side, in the application, not on the server at all, some resources need ACL protection and that's a different, non stateful matter, better handled with HTTP+TLS
# [14:20] * Joins: FireFly (~firefly@unaffiliated/firefly)
# [14:21] <hsivonen> webr3: cookie-based login maintains state on the client, no_
# [14:21] <hsivonen> ?
# [14:21] <annevk> webr3, so yeah, if you have some kind of malware on your computer the intranet is "vulnerable"
# [14:21] <annevk> webr3, if there is no such thing though, it is just the browser
# [14:21] <webr3> hsivonnen, no - else there wouldn't be any need for a cookie..
# [14:22] * Joins: stalled (~stalled@unaffiliated/stalled)
# [14:22] <hsivonen> webr3: so a client-side cert is a glorified cookie
# [14:22] <webr3> no..
# [14:23] <hsivonen> webr3: when the browser presents a client-side cert to the server, how does the server know the request wasn't triggered by something representing user intent instead of something scripted?
# [14:23] <hsivonen> webr3: how is a client-side cert not a glorified cookie in the sense that it's an identifying token than the browser presents to the server
# [14:23] <hsivonen> ?
# [14:24] <webr3> lol, it's the browsers job to ensure the user knows they've just made a request whilst being identified..
# [14:24] <webr3> user agents job*
# [14:24] <hsivonen> webr3: so how do client-side certs solve anything compared to a UX than confirms if you want to send this cookie to this server?
# [14:25] <hsivonen> for this request
# [14:25] <hsivonen> webr3: do you have plausible UI designs for letting the users review all the requests that the browser makes?
# [14:26] * Parts: anttio (~anttio@huittinen.of.frantic.com)
# [14:26] <webr3> encryption over the wire, peer to peer, no requirement for server to maintain state over multiple requests, no way it to be hijacked by an intermediary or third party.
# [14:26] * Quits: MrOpposite (~mropposit@unaffiliated/mropposite) (Remote host closed the connection)
# [14:26] <hsivonen> webr3: so do you expect the user to reauthorize the use of the cert for every request in order to avoid having client-side state?
# [14:27] <webr3> hsivonen, not a UI guy, but there's another factor, scripts would need to be identified in such a way that users could allow X script and not Y - similar to the approach taken in widgets and warp
# [14:27] <webr3> hsivonen, no i expect the user agent to manage which "scripts" are allowed to make what requests, and provide the user with a quick way of saying let script Y make requests to (everywhere, these palces, nowhere)
# [14:28] <hsivonen> webr3: good luck with J. Random User identifying scripts
# [14:28] <hsivonen> webr3: so how's that different from putting that UX on top of cookies?
# [14:28] <hsivonen> how does SSL make the token and UI more magic?
# [14:29] <hsivonen> it boils down to having a token and the user authorizing the presentation of the token to the server instead of all requests being ambiently authorized to present the token
# [14:30] <hsivonen> or if you don't want the user to oversee this all, the tokens should be tied to the origins making the requests
# [14:30] <webr3> no.. it boils down to whether users and websites are safe or not, sending a plain text cookie over insecured protocols to a stateful application is not safe for users or websites, hence the current mess
# [14:30] <hsivonen> but that could be done with cookies tied to requesting origin
# [14:31] <webr3> http+tls with the presentation of (some user identifier) protects users and websites
# [14:31] <webr3> hsivonen, no it can't..
# [14:31] <hsivonen> webr3: why not?
# [14:32] <webr3> sniff a cookie with firesheep, use curl to send it in a header with a spoofed origin, or no origin
# [14:32] <webr3> that's hardly rocket science
# [14:32] <hsivonen> currently if Origin A makes a request to Origin B and Origin B sets a cookie, Origin C making a request to Origin B sends back the cookie, because the cookie wasn't put into an Origin A-specific jar
# [14:33] <webr3> in the web browsers /only/ - scope out a bit..
# [14:33] <hsivonen> webr3: I mean cookies over TLS as opposed to certs over TLS
# [14:34] <webr3> okay that's an improvement and keeps people safer; sookie being much more vuln to dictionary brute force etc than public key encryption, but yet forcing TLS when identified is a HUGE step forward
# [14:34] <webr3> I'd be happy to see that alone get adopted / pushed
# [14:34] <webr3> tis half way there
# [14:35] <annevk> anyone know status of IDN for email? and whether we should maybe ignore said status for type=email given that apparently it is seeing some usage already
# [14:36] <annevk> we got a complaint that e.g. x@日.jp is not working currently
# [14:39] <webr3> hsivonen, are we roughly agreed - or does that help explain my thoughts on the matter?
# [14:39] * Quits: eric_carlson (~ericc@adsl-67-112-12-110.dsl.anhm01.pacbell.net) (Quit: eric_carlson)
# [14:39] * eric_carlson_ is now known as eric_carlson
# [14:40] <webr3> annevk, when you're done w/ the IDN stuff, see if the above convo w/ hsivonen makes sense and if you agree that'd be a good goal
# [14:40] <MikeSmith> Hixie: nobody implemented @seamless yet?
# [14:43] * Joins: remysharp (~remysharp@cpc2-brig17-2-0-cust448.3-3.cable.virginmedia.com)
# [14:44] <MikeSmith> karlcow: you should add Khronos group to your standards-org table
# [14:44] <karlcow> MikeSmith: ah thanks. will do.
# [14:44] <hsivonen> webr3: well, I still don't see how client-side certs solve any cookie problems compared to cookies over TLS
# [14:44] <annevk> webr3, STS is the always use TLS solution... or did you mean something else?
# [14:45] <hsivonen> webr3: once the sniffing problem is solved with crypto, the rest is a question of when tokens are sent
# [14:45] <hsivonen> not a matter of the tokens themselves being crypto thingies
# [14:46] <webr3> hsivonen, roughly agree, other than crypto isn't user specific that way, it's just wire crypto, so then the strength of the token becomes a factor
# [14:46] <webr3> I'mnot hooked on client side certs, just a TLS when identified as being a good thing, moving to HTTP (http://) being stateless, and anywhere near that would be a huge improvement
# [14:47] <webr3> especially if intranet security could be addressed in some way over time too
# [14:47] <webr3> just any step in those directions, and some agreement from you guys that that would be a good thing would be enough for me
# [14:47] <hsivonen> the main reasons why people do login without crypto are 1) getting certs is trouble and 2) performing crypto burns cycles
# [14:48] <hsivonen> of course, login without crypto is a terrible idea in a world with eavesdroppable channels
# [14:48] <webr3> :) yes
# [14:48] <webr3> to both
# [14:48] <webr3> 1) is being worked on btw
# [14:48] <webr3> making self signed certs easier that is
# [14:49] * Joins: miketaylr (~miketaylr@206.217.92.186)
# [14:50] * Quits: karlcow (~karl@nerval.la-grange.net) (Quit: Freedom - to walk free and own no superior.)
# [14:50] * Joins: karlcow (~karl@nerval.la-grange.net)
# [14:50] <hsivonen> annevk: fwiw, I think the questions in the IEblog post are very reasonable. the main problems are not saying what risks are apply to H.264 as well and having "from community" in the title instead of "from Dean"
# [14:50] <hsivonen> s/are apply/apply/
# [14:51] * webr3 wonders if saying "yes lets try and do something, anything, about web security, even if it's just getting TLS as defacto when authed and discouraging cookie use" is a hard commitment to make and to facto in to the current model?
# [14:53] <annevk> hsivonen, they are reasonable questions, but 2/3 apply to H.264 too
# [14:54] * Joins: plainhao (~plainhao@208.75.85.237)
# [14:54] <annevk> hsivonen, the problem is indeed the way it is presented
# [14:57] * Joins: erlehmann (~erlehmann@89.204.137.112)
# [15:07] * Quits: karlcow (~karl@nerval.la-grange.net) (Quit: Freedom - to walk free and own no superior.)
# [15:07] * Joins: karlcow (~karl@nerval.la-grange.net)
# [15:10] * Joins: ttepasse (~ttepasse@ip-109-90-161-169.unitymediagroup.de)
# [15:11] * Joins: phrearch (~phrearch_@82-136-229-19.ip.telfort.nl)
# [15:14] * Quits: karlcow (~karl@nerval.la-grange.net) (Quit: Freedom - to walk free and own no superior.)
# [15:14] * Joins: karlcow (~karl@nerval.la-grange.net)
# [15:17] * Joins: smaug____ (~chatzilla@dsl-hkibrasgw4-fe45dc00-171.dhcp.inet.fi)
# [15:17] * Quits: yutak (~yutak@2401:fa00:4:1000:baac:6fff:fe99:adfb) (Quit: Ex-Chat)
# [15:21] * Joins: loucapo (~Adium@209.251.200.243)
# [15:22] <loucapo> greeting all, i am still trying to find some guidance on CORS to a pwd protected url. what i have doesnt seem to work
# [15:25] * Joins: bfrohs (~bfrohs@smtp.forewordinternal.com)
# [15:27] <annevk> you might be running into browser bugs
# [15:27] <annevk> if you set an Authorization header yourself and do an otherwise simple request, does the browser issue a preflight request?
# [15:28] <annevk> or does it try to directly issue the request (if so, it's a browser bug)
# [15:28] <loucapo> its does preflight but i do not see the header in the preflight
# [15:31] <annevk> right, if the header is not in Access-Control-Request-Headers there's a bug too
# [15:31] <loucapo> i see
# [15:32] <loucapo> so i cannot really 100% support that as of now
# [15:32] * Joins: BlurstOfTimes (~blurstoft@168.203.117.107)
# [15:33] <annevk> you should file some bugs
# [15:34] <loucapo> ok, i iwll test it with several browsers first
# [15:34] <webr3> loucapo, you are sending the 'Access-Control-Allow-Credentials' header yes?
# [15:34] <webr3> (from the server)
# [15:34] <loucapo> let me dbl chk
# [15:35] <loucapo> yup its true
# [15:35] <webr3> how are you sending username and password?
# [15:35] <loucapo> Access-Control-Allow-Head...X_REQUESTED_WITH, X-TxId, Content-Type, Cache-Control, AuthorizationAccess-Control-Allow-Meth...GET, POST, OPTIONSAccess-Control-Allow-Orig...http://localhostAccess-Control-Expose-Hea...Status, Content-LengthAccess-Control-Max-Age86400Content-Typetext/htmlAccess-Control-Allow-Cred...true
# [15:36] <loucapo> oops that got jumbled
# [15:36] <webr3> pastebin it
# [15:37] <loucapo> http://pastebin.com/eZW2ZsHz
# [15:38] * Joins: fef (~brandon@static-96-254-222-162.tampfl.fios.verizon.net)
# [15:39] <loucapo> i believe i need to base64 encode u & p
# [15:40] * Joins: Xano (~bart@524BF837.cm-4-4d.dynamic.ziggo.nl)
# [15:40] * Joins: eric_carlson_ (~ericc@adsl-67-112-12-110.dsl.anhm01.pacbell.net)
# [15:42] <webr3> ahh I had loads of problems with Allow-Origin of localhost, swap that to * for a minute and see if it works
# [15:42] <annevk> * + credentials does not work
# [15:43] <annevk> besides, we already determined another problem
# [17:43] * Disconnected
# [17:44] * Attempting to rejoin channel #whatwg
# [17:44] * Rejoined channel #whatwg
# [17:44] * Topic is 'WHATWG: http://www.whatwg.org/ -- logs: http://krijnhoetmer.nl/irc-logs/ -- stats: http://gavinsharp.com/irc/whatwg.html -- Please leave your sense of logic at the door, thanks!'
# [17:44] * Set by annevk42 on Mon Oct 19 22:03:06
# [17:46] * Joins: justinhjohnson (~Adium@67-131-94-2.dia.static.qwest.net)
# [17:47] * Quits: wirepair (fbi@random.supermario.org) (Read error: Connection reset by peer)
# [17:51] * Joins: sroussey (~sroussey@adsl-69-234-111-42.dsl.irvnca.pacbell.net)
# [17:54] * Quits: erlehmann (~erlehmann@pD9E79131.dip0.t-ipconnect.de) (Quit: Ex-Chat)
# [17:54] * Joins: wirepair (fbi@random.supermario.org)
# [17:55] * Parts: xnoise (~root@86.121.33.154)
# [18:03] * Joins: cying (~cying@c-24-23-135-168.hsd1.ca.comcast.net)
# [18:07] * Quits: hdhoang (~hdhoang@cmalu.zahe.me) (Quit: Leaving.)
# [18:07] * Quits: maikmerten (~merten@ls5dhcp197.cs.uni-dortmund.de) (Remote host closed the connection)
# [18:09] * Quits: Lachy (~Lachlan@pat-tdc.opera.com) (Quit: This computer has gone to sleep)
# [18:12] * Joins: Maurice (copyman@5ED573FA.cm-7-6b.dynamic.ziggo.nl)
# [18:13] * Quits: f1lt3r_bocoup (~f1lt3r@64.119.153.2) (Remote host closed the connection)
# [18:15] * Quits: espadrine (~espadrine@acces1391.res.insa-lyon.fr) (Ping timeout: 272 seconds)
# [18:19] * Quits: kbrosnan (~kbrosnan@firefox/community/qa/kbrosnan) (Quit: leaving)
# [18:19] * Joins: kbrosnan (~kbrosnan@firefox/community/qa/kbrosnan)
# [18:21] * _bga is now known as bga_|away
# [18:27] * Quits: remysharp (~remysharp@cpc2-brig17-2-0-cust448.3-3.cable.virginmedia.com) (Quit: Shazam)
# [18:27] * bga_|away is now known as bga_
# [18:33] * Joins: Frippe (~Frippe@238.218.216.81.static.hud.siw.siwnet.net)
# [18:33] * Joins: Bass10 (~Bass10@c-76-113-194-7.hsd1.mn.comcast.net)
# [18:34] * Quits: Bass10 (~Bass10@c-76-113-194-7.hsd1.mn.comcast.net) (Max SendQ exceeded)
# [18:37] * Joins: Ms2ger (~Ms2ger@91.181.209.122)
# [18:40] * Joins: zcorpan (~zcorpan@c-8d9ae355.410-6-64736c14.cust.bredbandsbolaget.se)
# [18:41] <zcorpan> https://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information - should we always fire 'load' for cross-origin images and scripts etc?
# [18:41] * Joins: ap (~ap@2620:0:1b00:1191:226:4aff:fe14:aad6)
# [18:42] * Joins: svl (~me@ip565744a7.direct-adsl.nl)
# [18:44] * Quits: smaug____ (~chatzilla@dsl-hkibrasgw4-fe45dc00-171.dhcp.inet.fi) (Ping timeout: 255 seconds)
# [18:48] * Quits: zcorpan (~zcorpan@c-8d9ae355.410-6-64736c14.cust.bredbandsbolaget.se) (Remote host closed the connection)
# [18:49] * Joins: dbaron (~dbaron@nat/mozilla/x-icawxazqhlfyoyjp)
# [18:54] <ap> Hixie: hsivonen: it seems to be far from "post mortem" stage for script loading hacks required by LABjs, see <http://ln.hixie.ch/?start=1296711456&count=1>
# [18:55] <ap> which makes me unsure if we want to implement these latest spec changes in WebKit - what good are they if they don't even make LABjs work?
# [18:56] <ap> <https://bugs.webkit.org/show_bug.cgi?id=30862> has the discussion
# [18:58] * Quits: workmad3 (~workmad3@cspool123.cs.man.ac.uk) (Ping timeout: 240 seconds)
# [19:00] <Hixie> they don't make LABjs work?
# [19:01] * Joins: f1lt3r_bocoup (~f1lt3r@64.119.153.2)
# [19:01] <karlcow> interesting http://www.guardian.co.uk/news/blog/2011/feb/03/egypt-protests-live-updates
# [19:01] <karlcow> >5.52pm: The Guardian's Mona Mahmood has translated another summary into Arabic. We're working on how to format it correctly so that it aligns to the right, not the left.
# [19:02] * Joins: TabAtkins_ (~tabatkins@67.218.103.37)
# [19:02] <karlcow> ***aligns to the right, not the left***
# [19:02] <Hixie> ap: that seems to be an unrelated caching issue
# [19:02] <karlcow> I guess they didn't plan at the start to have multilingual pages.
# [19:02] <ap> Hixie: it's definitely not technically related
# [19:03] <ap> Hixie: it's related in that the technique LABjs wants seems to require both
# [19:03] <Hixie> the bug above seems uncontroversial
# [19:04] <ap> Hixie: all WebKit developers who cared to comment think it's WONTFIX - is that what you mean by uncontroversial?
# [19:04] <Hixie> are we looking at the same bug?
# [19:05] <Hixie> if you force-reload a page, the resources referenced by the parser are also force-reloaded, but those referenced by script later are not
# [19:05] <Hixie> the comments from devs all seemed positive to me...
# [19:05] <Hixie> but i did skim it
# [19:06] <ap> Hixie: Kyle Simpson has hijacked the bug to talk about larger issues - he wants reload to set a permanent state on a page, so that all resources will be force-reloaded
# [19:06] <Hixie> oh i just ignored his comments cos they were so long
# [19:07] <hsivonen> ap: huh? how do you mean don't make LABjs work?
# [19:07] <hsivonen> ap: it seemed to me WebKit devs were deferring to Hixie for decision
# [19:07] * Quits: danbri (~danbri@ip176-48-210-87.adsl2.static.versatel.nl) (Read error: Connection reset by peer)
# [19:07] <Hixie> hsivonen: different issue
# [19:07] <Hixie> ap: seems reasonable to me to make force-refresh sticky until onload, i agree that beyond that it gets a bit weird
# [19:08] <hsivonen> Hixie: oh, ok
# [19:08] <Hixie> ap: this all seems to be a UI issue though, i don't see how LABjs could depend on it one way or the other
# [19:09] <ap> Hixie: seems like they want to train users to hit shift-refresh (or ctrl+f5) when something doesn't work
# [19:09] <ap> Hixie: and that will make dynamic script loading feasible
# [19:09] * Joins: bentruyman (~bentruyma@li159-104.members.linode.com)
# [19:09] * Quits: david_carlisle (~davidc@62.231.145.254) (Ping timeout: 240 seconds)
# [19:10] <Hixie> one would hope that something not working would be rare enough that there would be no opportunity for user training on the matter
# [19:10] <Hixie> especially since whether it works or not is entirely under the control of the author here
# [19:10] <Hixie> if they want to force refresh, just have them change the url
# [19:10] <Hixie> foo.js?r=2
# [19:10] <Hixie> foo.js?r=3
# [19:10] <Hixie> foo.js?r=4
# [19:10] <Hixie> etc
# [19:12] <hsivonen> relying on user training when the author has too long an expiry but doesn't change the URL seems like FAIL to me
# [19:13] <hsivonen> either the author should make expiry short or change the URL
# [19:17] <ap> hsivonen: wholeheartedly agreed. Shift-reload is something we were extremely hesitant to even implement in Safari, and making it part of normal user experience is a bad idea
# [19:18] * Joins: weinig (~weinig@17.203.14.133)
# [19:20] * Joins: chriseppstein_ (~chris@dsl081-061-073.sfo1.dsl.speakeasy.net)
# [19:20] <othermaciej> hsivonen, ap: maybe the shift-reload is only intended for use during development and testing?
# [19:21] <othermaciej> (though really a staging server for testing should have very short expirations)
# [19:21] <ap> othermaciej: today, its behavior only helps with buggy caching proxies - instead of revalidation, it forces end to end reload
# [19:22] <othermaciej> ah
# [19:23] * Quits: cying (~cying@c-24-23-135-168.hsd1.ca.comcast.net) (Quit: cying)
# [19:24] * Quits: chriseppstein (~chris@209.119.65.162) (Ping timeout: 255 seconds)
# [19:24] * chriseppstein_ is now known as chriseppstein
# [19:24] * Quits: Ms2ger (~Ms2ger@91.181.209.122) (Ping timeout: 240 seconds)
# [19:24] <hsivonen> in any case, as long as window.location.reload() changes aren't being requestied, this seems like a thing that doesn't belong in a spec that's concerned with interop
# [19:26] <Hixie> indeed
# [19:26] <Hixie> ui issue
# [19:28] * Quits: othermaciej (~mjs@c-24-6-209-6.hsd1.ca.comcast.net) (Quit: othermaciej)
# [19:30] * Quits: TabAtkins_ (~tabatkins@67.218.103.37) (Ping timeout: 246 seconds)
# [19:30] * Joins: pesla (~pesla@ip51cc03a5.speed.planet.nl)
# [19:32] <AryehGregor> Philip`, I was more trying to get a feel for how authors use the feature, not judge compat risk.
# [19:32] * Quits: rimantas (~rimliu@93.93.57.193) (Quit: Leaving)
# [19:33] <AryehGregor> E.g., ehsan asked what the use-cases were for innerText, and now I have a couple.
# [19:33] <AryehGregor> Opera people have already said you can mostly get compat by making it work almost like textContent.
# [19:34] * Quits: Rik` (~Rik`@mozilla-paris-222-194.cnt.nerim.net) (Remote host closed the connection)
# [19:34] * Joins: nielsle (~nielsle@4135136-cl69.boa.fiberby.dk)
# [19:36] * Joins: TabAtkins_ (~tabatkins@nat/google/x-ahkwckzufysdxwmq)
# [19:36] * Joins: Ms2ger (~Ms2ger@91.181.219.174)
# [19:39] * Quits: miketaylr (~miketaylr@206.217.92.186) (Quit: miketaylr)
# [19:39] * Joins: miketaylr (~miketaylr@206.217.92.186)
# [19:40] * Joins: danbri (~danbri@ip176-48-210-87.adsl2.static.versatel.nl)
# [19:41] * Joins: zcorpan (~zcorpan@c-8d9ae355.410-6-64736c14.cust.bredbandsbolaget.se)
# [19:41] * Joins: mdelaney (~mdelaney@67.218.110.38)
# [19:44] * Joins: othermaciej (~mjs@67.218.103.140)
# [19:53] * Joins: dave_levin (~dave_levi@74.125.59.76)
# [19:54] * Quits: Ms2ger (~Ms2ger@91.181.219.174) (Quit: nn)
# [19:59] * Quits: mdelaney (~mdelaney@67.218.110.38) (Quit: mdelaney)
# [19:59] * Joins: kurrik (~kurrik@nat/google/x-masvbvuzjkrnzncb)
# [20:00] * Joins: workmad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com)
# [20:02] * Joins: jwalden (~waldo@nat/mozilla/x-jablxvmiievhrykj)
# [20:05] * Joins: mdelaney (~mdelaney@2620:0:1b00:1191:7965:b78d:206a:2873)
# [20:07] * Joins: cying (~cying@173-228-29-224.dsl.static.sonic.net)
# [20:12] * Quits: mhausenblas (~mhausenbl@wg1-nat.fwgal01.deri.ie) (Quit: mhausenblas)
# [20:15] * bga_ is now known as bga_|away
# [20:24] * Quits: workmad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com) (Remote host closed the connection)
# [20:25] * Joins: jamesr_ (~jamesr@nat/google/x-zmnwkvfpyuoqkybr)
# [20:28] <jgraham> FWIW Opera doesn't have a concept of force-reload exposed in the UI
# [20:34] <heycam> annevk, a table i can't quite remember. what would it be a table of?
# [20:38] * bga_|away is now known as bga_
# [20:40] <jgraham> heycam: If you are asking the question I think you are asking, DOM Method and behaviour with null
# [20:40] * Joins: workmad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com)
# [20:41] * Quits: workmad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com) (Remote host closed the connection)
# [20:42] <heycam> jgraham, ah
# [20:42] <heycam> jgraham, yeah I did test a bunch of methods and put the results somewhere...
# [20:43] * Quits: Frippe (~Frippe@238.218.216.81.static.hud.siw.siwnet.net) (Quit: :3)
# [20:45] * Quits: othermaciej (~mjs@67.218.103.140) (Quit: othermaciej)
# [20:46] <heycam> jgraham, annevk, i found this http://mcc.id.au/2007/05/binding-tests/index.html but i don't think that's what you're after. (there's one test in there for assigning null to some attributes but it looks like i don't have the results recorded.)
# [20:48] <heycam> for DOMStrings and the specs, at least, there are these: http://dev.w3.org/2006/webapi/WebIDL/dom/
# [20:48] * Joins: Steve^ (~steve@cpc2-hari1-0-0-cust1111.hari.cable.virginmedia.com)
# [20:49] <heycam> s/the specs/the DOM specs/
# [20:50] * Quits: benjoffe (~benjoffe@63-235-13-3.dia.static.qwest.net) (Quit: benjoffe)
# [20:58] * Joins: bckenny (~bckenny@nat/google/x-tsctugleqrcyzcfq)
# [21:02] * Quits: TabAtkins_ (~tabatkins@nat/google/x-ahkwckzufysdxwmq) (Ping timeout: 265 seconds)
# [21:04] * Joins: TabAtkins_ (~tabatkins@nat/google/x-isenilihgrzwloti)
# [21:10] * Joins: othermaciej (~mjs@17.246.16.126)
# [21:11] * Joins: smaug____ (~chatzilla@dsl-hkibrasgw4-fe45dc00-171.dhcp.inet.fi)
# [21:11] <AryehGregor> Hixie, it's not at all clear to me whether any browsers are interested in an innerText or Selection.toString() spec.
# [21:14] * Joins: sephr (~Eli@c-98-235-63-240.hsd1.pa.comcast.net)
# [21:14] <AryehGregor> Maybe WebKit is, I've gotten no feedback from anyone there yet one way or another.
# [21:14] * Joins: workmad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com)
# [21:14] <AryehGregor> Well, anyway, I'll keep discussing it, but I'll take a look at createContextualFragment() now.
# [21:15] * Joins: benjoffe (~benjoffe@66.220.144.74)
# [21:16] <AryehGregor> Is there something wrong with http://html5.org/specs/dom-parsing.html#dom-range-createcontextualfragment ?
# [21:16] <othermaciej> AryehGregor: we intend to keep those features and it would be nice to have a spec
# [21:17] * Quits: workmad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com) (Remote host closed the connection)
# [21:18] <AryehGregor> othermaciej, I'd appreciate feedback from WebKit people about whether they think the approach I'm using so far for the spec is correct.
# [21:19] <AryehGregor> I suspect that it's very different from the way WebKit currently implements it, but I'm not sure.
# [21:19] <AryehGregor> (more particularly, I want to know if WebKit would be willing to implement that approach, not just if they think it's correct)
# [21:20] <AryehGregor> Does anyone know of cases where the exact implementation of these features actually affects interop? Opera seems to get by with innerText behaving mostly like textContent.
# [21:21] * Joins: workmad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com)
# [21:21] <AryehGregor> I guess this depends on IE's implementation: view-source:http://beihai.gov.cn/5863/2010_4_28/5863_98289_1272423962000.html?open=1
# [21:21] <AryehGregor> Grr: http://beihai.gov.cn/5863/2010_4_28/5863_98289_1272423962000.html?open=1
# [21:22] <AryehGregor> It has extra whitespace in WebKit and Opera, because apparently (?) IE gets rid of nbsp's or something.
# [21:22] <AryehGregor> Anyway, I'd prefer to have at least two browsers say they're interested in implementing a spec something along the lines of what I'm writing before I continue, because otherwise it seems somewhat pointless.
# [21:25] <AryehGregor> Hixie, did you tell me to spec createContextualFragment() because you know that http://html5.org/specs/dom-parsing.html#dom-range-createcontextualfragment is wrong or because you didn't know it exists?
# [21:25] <AryehGregor> (I could still write tests, of course)
# [21:25] * Quits: Martijnc (~Martijnc@91.176.23.208) (Quit: Martijnc)
# [21:27] * AryehGregor starts reading up on execCommand()
# [21:29] * Quits: Steve^ (~steve@cpc2-hari1-0-0-cust1111.hari.cable.virginmedia.com) (Ping timeout: 240 seconds)
# [21:30] * Joins: nessy (~Adium@49.185.82.21)
# [21:33] * Parts: loucapo (~Adium@209.251.200.243)
# [21:34] <Hixie> AryehGregor: wasn't aware it was complete
# [21:34] <AryehGregor> I don't know, is it?
# [21:34] <Hixie> AryehGregor: dunno. we still need tests either way, so i guess use the tests to find out :-)
# [21:34] <AryehGregor> Okay.
# [21:35] <Hixie> the algorithm definitely needs _some_ work, since "the context object's start's node" doesn't make any sense
# [21:35] <Hixie> but it might just be editorial work
# [21:35] <AryehGregor> Why doesn't that make any sense?
# [21:35] <AryehGregor> Follow the links, it's pretty straightforward.
# [21:36] <Hixie> "start" isn't a noun that applies to objects, for one, and "start" xrefs to nothing, for two
# [21:36] <AryehGregor> It xrefs to http://html5.org/specs/dom-range.html#concept-range-start
# [21:36] <AryehGregor> It's a noun that applies to Ranges.
# [21:36] <Hixie> hm, i wonder why that didn't work before
# [21:36] <annevk> heycam, I thought you once tried figuring out for which DOMString attributes null become "null" vs "" vs actually null mapped across various browsers
# [21:36] <AryehGregor> It's an inter-spec xref.
# [21:36] <Hixie> oh, it's a link to another document and the doc was still loading
# [21:36] <Hixie> ok
# [21:37] <annevk> xspec xref
# [21:37] <Hixie> ok i guess it's fine, never mind me :-)
# [21:38] <annevk> heycam, I think Gecko is pretty consistently doing null -> "" and undefined -> "undefined"
# [21:38] <heycam> annevk, I likely did some testing like that, but I can't seem to find anything written down with results...
# [21:38] <annevk> heycam, I'd like Opera to match, but I was wondering if there is some known exception list somewhere
# [21:38] <annevk> hmm, I guess we'd have to do the research then
# [21:38] <heycam> annevk, sorry about that
# [21:39] <annevk> no worries, now I need not go looking for it :)
# [21:40] * Joins: MrOpposite (~mropposit@unaffiliated/mropposite)
# [21:41] * Joins: benschwarz (~ben@59.167.185.148)
# [21:45] * Quits: annevk (~annevk@pat-tdc.opera.com) (Quit: annevk)
# [21:45] * Quits: mdelaney (~mdelaney@2620:0:1b00:1191:7965:b78d:206a:2873) (Ping timeout: 272 seconds)
# [21:50] * Quits: workmad3 (~workmad3@cpc3-bagu10-0-0-cust651.1-3.cable.virginmedia.com) (Ping timeout: 240 seconds)
# [21:53] * bga_ is now known as bga_|away
# [22:00] * Quits: plainhao (~plainhao@208.75.85.237) (Quit: plainhao)
# [22:00] * Quits: nessy (~Adium@49.185.82.21) (Read error: Operation timed out)
# [22:05] * bga_|away is now known as bga_
# [22:05] <karlcow> http://www.fontspring.com/blog/the-new-bulletproof-font-face-syntax
# [22:06] <Dashiva> Are we really still at the level where we use CSS parser hacks?
# [22:07] * Joins: virtuelv (~virtuelv_@20.74.9.46.customer.cdi.no)
# [22:08] * Quits: bentruyman (~bentruyma@li159-104.members.linode.com) (Ping timeout: 276 seconds)
# [22:09] * Quits: virtuelv (~virtuelv_@20.74.9.46.customer.cdi.no) (Client Quit)
# [22:09] * Joins: virtuelv (~virtuelv_@20.74.9.46.customer.cdi.no)
# [22:11] * Joins: david_carlisle (~davidc@dcarlisle.demon.co.uk)
# [22:11] <zcorpan> karlcow: heh, nice
# [22:13] * zcorpan has known about how ie parses url() but hasn't thought about using #
# [22:15] * Quits: stalled (~stalled@unaffiliated/stalled) (Quit: ...)
# [22:16] <karlcow> Dashiva: years after years, hacks on top of hacks
# [22:18] * zcorpan implements the state of the art hack in html5-elements
# [22:20] <benschwarz> zcorpan: best bug logger ever
# [22:20] <zcorpan> heh
# [22:20] * Quits: smaug____ (~chatzilla@dsl-hkibrasgw4-fe45dc00-171.dhcp.inet.fi) (Read error: Connection reset by peer)
# [22:21] <benschwarz> you're making work for me :)
# [22:22] <zcorpan> sorry, i file bugs without thinking these days
# [22:22] * Joins: smaug____ (~chatzilla@dsl-hkibrasgw4-fe45dc00-171.dhcp.inet.fi)
# [22:23] <zcorpan> could consider it a work injury for working with quality assurance
# [22:23] <zcorpan> maybe i should have a vacation
# [22:23] <Hixie> <script>{</script> doesn't seem to be a compile-time error in safari
# [22:23] <Hixie> weird
# [22:24] <benschwarz> zcorpan: the feed back is nice. its such a huge document. I discover new things every day still
# [22:24] <benschwarz> right now, the one that has me upset is that mobile safari is consistently crashing on anything other than the index page
# [22:24] <jgraham> AryehGregor: If we were ever to find (presumably webkit-only) content that we wanted to support that relied on fanct innerText, having a spec would be useful
# [22:25] <jgraham> Until that day I don't think it will be a priority
# [22:25] <jgraham> Especially since IE seems to be aligning more with Opera
# [22:25] <jgraham> *fancy
# [22:25] <Hixie> oh nm, i'm wrong
# [22:25] <benschwarz> Hixie: seen the new "up next" page links?
# [22:25] <AryehGregor> jgraham, that makes sense if WebKit actually implements the spec. :)
# [22:25] <Hixie> benschwarz: not yet, will look after lunch
# [22:26] <AryehGregor> Although even the behavior I've specced so far is way closer to WebKit than Opera now is.
# [22:26] <benschwarz> Hixie: needs more styling... but the feature is in
# [22:26] * Parts: bfrohs (~bfrohs@smtp.forewordinternal.com)
# [22:26] <AryehGregor> Although you're right that IE9 is a lot more textContent-like for some reason.
# [22:26] <jgraham> AryehGregor: It makes sense if the spec is close enough to WebKit to be worth implementing as is compared to reverse engineering it ourselves
# [22:26] <jgraham> I hope none of this happens though
# [22:27] * Joins: stalled (~stalled@unaffiliated/stalled)
# [22:29] <jgraham> (really if the main webkit use case is "for our test framework" it would be nice if the name was prefixed and the public method name aligned with IE9)
# [22:29] * Quits: benschwarz (~ben@59.167.185.148) (Read error: Connection reset by peer)
# [22:30] * Joins: mdelaney (~mdelaney@2620:0:1b00:1191:649f:e7a1:ff68:d33f)
# [22:30] * Joins: erlehmann (~erlehmann@e178176215.adsl.alicedsl.de)
# [22:31] * Quits: nielsle (~nielsle@4135136-cl69.boa.fiberby.dk) (Quit: Ex-Chat)
# [22:33] <AryehGregor> IE9's implementation isn't very useful. IE8's makes more sense.
# [22:33] <AryehGregor> As does WebKit's.
# [22:34] <zcorpan> Hixie: in http://html5.org/r/5819 you traded one typo for another
# [22:34] <Hixie> d'oh
# [22:34] <Hixie> i suck
# [22:34] <jamesr_> in 2 months that typo will be on bing
# [22:35] <Hixie> jgraham: getting 500s intermittently from pms today
# [22:35] * Quits: ROBOd (~robod@109.96.198.148) (Quit: .)
# [22:37] <jgraham> AryehGregor: I value simplicity more than usefulness
# [22:37] <AryehGregor> Me too.
# [22:37] <AryehGregor> But the algorithm I've specced seems pretty simple to me.
# [22:37] <jgraham> Because a useful implementation would have all manner of tweakable parameters
# [22:38] <AryehGregor> Not necessarily.
# [22:38] * Quits: benjoffe (~benjoffe@66.220.144.74) (Quit: benjoffe)
# [22:39] <jgraham> AryehGregor: Well the current algorithm doesn't deal with alt text, right? So there's one failure already
# [22:39] <AryehGregor> Yes, I know, there are various details to be added.
# [22:40] <jgraham> And you have no choice about how paragraphs are spaced, or whether to show display:none content, or anything else
# [22:40] <AryehGregor> Anyway, everyone seems to have more sophisticated algorithms for the sake of Selection.toString() anyway, so why not use them?
# [22:40] * Joins: nessy (~Adium@74.125.56.18)
# [22:40] <jgraham> AryehGregor: AFAIK WebKit / IE don't include alt text either
# [22:41] * Joins: benjoffe (~benjoffe@66.220.144.74)
# [22:41] <jgraham> (maybe they do if images are off?)
# [22:41] <AryehGregor> Possibly not.
# [22:41] <jgraham> If it depends on user prefs it seems even more complex
# [22:41] <jgraham> Of, I assume it does for <noscript> too
# [22:41] <jgraham> s/f/Oh/
# [22:42] <david_carlisle> hsivonen: If I make a singe file mathml spec in the format that used to be known as html5, is it anti-social to validate it with validator.nu, or should I try to build a local copy of the validator? (it's 2.4M, more or less)
# [22:43] <AryehGregor> jgraham, what about Selection.toString()?
# [22:43] <jgraham> AryehGregor: I have no opinion of that
# [22:43] <AryehGregor> jgraham, if that's defined, why not reuse the same algorithm for innerText? It makes things simpler than if you define a different one.
# [22:43] <jgraham> Hixie: I can't see anything obvious in the log
# [22:43] <AryehGregor> Unless your innerText algorithm is the same as your textContent one.
# [22:44] <jgraham> AryehGregor: I would propose using the textContent one
# [22:44] <AryehGregor> For Selection.toString()?
# [22:44] <AryehGregor> Or innerText?
# [22:44] <jgraham> For innerText
# [22:44] <AryehGregor> I'm not totally against it if everyone is willing to alias innerText to textContent. The use-cases are fairly marginal given the complexity.
# [22:44] <jgraham> I don't know what the compat. constrains on Selection.toString are
# [22:44] <AryehGregor> If you can convince WebKit to do that, please let me know. :)
# [22:45] <jgraham> You'll probably see the flying pigs
# [22:45] * zcorpan meanwhile installs a font on his system with the name "☺"
# [22:46] <jgraham> zcorpan: Just to be evil?
# [22:46] * Quits: Kaelig (~Kaelig@mal35-2-82-228-177-211.fbx.proxad.net) (Remote host closed the connection)
# [22:46] <zcorpan> oh, apparently it wouldn't work on mac anyway
# [22:50] * Joins: miketayl_r (~miketaylr@206.217.92.186)
# [22:51] * Quits: miketayl_r (~miketaylr@206.217.92.186) (Remote host closed the connection)
# [22:51] * Quits: miketaylr (~miketaylr@206.217.92.186) (Read error: Connection reset by peer)
# [22:51] * Joins: miketaylr (~miketaylr@206.217.92.186)
# [22:54] * Quits: roc (~chatzilla@121.98.230.221) (Ping timeout: 255 seconds)
# [22:58] * zcorpan resists 386ing http://www.w3.org/Bugs/Public/show_bug.cgi?id=11973#c6
# [23:02] <Dashiva> I'm not familiar with 386 as a verb
# [23:05] * Quits: benjoffe (~benjoffe@66.220.144.74) (Quit: benjoffe)
# [23:06] * Quits: miketaylr (~miketaylr@206.217.92.186) (Quit: miketaylr)
# [23:06] * Quits: TabAtkins_ (~tabatkins@nat/google/x-isenilihgrzwloti) (Read error: Operation timed out)
# [23:09] <zcorpan> http://xkcd.com/386/
# [23:09] * Joins: TabAtkins_ (~tabatkins@nat/google/x-mxlivwdpnvnkhchm)
# [23:09] <TabAtkins_> Dashiva: xkcd.com/366
# [23:09] <Dashiva> Oh, that 386
# [23:10] <Dashiva> I thought you meant the microprocessor
# [23:18] * zcorpan ponders about window.onerror and cross-origin <script src>
# [23:19] * Quits: Maurice (copyman@5ED573FA.cm-7-6b.dynamic.ziggo.nl)
# [23:21] <zcorpan> i guess window.onerror is another way to exploit https://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information
# [23:22] <Hixie> jgraham: i'm guessing it's the w3c being slow again
# [23:22] <Hixie> jgraham: did you ever look into what it would take to change the timeouts?
# [23:23] <Hixie> abarth: for https://bugs.webkit.org/show_bug.cgi?id=47264#c13 we need some way to experiment before the spec is updated -- otherwise we can't get impl experience to update the spec
# [23:24] * Joins: benjoffe (~benjoffe@66.220.144.74)
# [23:24] <abarth> my understanding is that we weren't going to add any more self-closing tags to HTML
# [23:25] <abarth> because they aren't parsed correctly by legacy browsers
# [23:25] <abarth> which means they can't be used by authors'
# [23:25] <Hixie> see http://www.w3.org/Bugs/Public/show_bug.cgi?id=11935#c4
# [23:25] <Hixie> i don't think that applies in this case
# [23:25] <Hixie> and that's what we need to find out
# [23:27] <abarth> really?
# [23:27] <abarth> that doesn't seem like a good idea
# [23:27] <abarth> HTML doesn't have a good extension model for self-closing elements
# [23:27] <abarth> that just means folks need to include close tags
# [23:27] <abarth> that seems better than having screwed up parsing in different implementations
# [23:28] <Hixie> i think the issue is minimal in most cases, and nearly non-existent here
# [23:28] <Hixie> i really don't buy into the "no new void elements" thing
# [23:28] <Hixie> in this case you're (i think) never going to use <device> without feature-testing it first anyway
# [23:28] <abarth> why not?
# [23:28] <abarth> suppose 80% of the market supports <device>
# [23:29] <abarth> are we going to have to feature-test it forever?
# [23:29] <abarth> isn't it reasonable to put a SWF in the fallback content?
# [23:29] <Hixie> let me rephrase
# [23:29] * Joins: tw2113 (~tw2113@fedora/tw2113)
# [23:29] <Hixie> for <device> i don't think you're going to use it without feature testing if you have a fallback solution.
# [23:30] <Hixie> no, it doesn't make sense to have a SWF as fallback content, because the fallback would have to have an entirely different script too
# [23:30] * Quits: mdelaney (~mdelaney@2620:0:1b00:1191:649f:e7a1:ff68:d33f) (Quit: mdelaney)
# [23:30] <Hixie> and likely different network protocol, etc
# [23:30] <abarth> so in the case where you don't feature test, you want the parsing for the rest of the page to be goofed up?
# [23:31] <Hixie> it doesn't goof up the rest of the page, that's wild over-exaggeration
# [23:31] <abarth> because it will be closed automatically at some point?
# [23:31] <Hixie> all it does in legacy UAs is insert a <span>-like element, which does nothing, in the parent element
# [23:32] <Hixie> which closes at the end of the parent
# [23:32] <Hixie> no harm is done
# [23:32] <Hixie> user doesn't even notice
# [23:32] <Hixie> the worst it could do is interfere with CSS, but the page author who cares about fallback would test that anyway.
# [23:33] <Hixie> (and it's unlikely to do so unless your css uses child combinators, which isn't that common in the first place)
# [23:33] <abarth> i guess this all seems like a lot of pain to go through to avoid having to type "</device>"
# [23:33] <Hixie> what pain?
# [23:33] <Hixie> my whole point is there's no pain
# [23:34] <Hixie> but that's what testing it would discover
# [23:34] <abarth> the pain is that your page will parse different in different browsers, so you'll need to test whether your CSS selectors will work properly under both parsings
# [23:34] <abarth> etc
# [23:34] <abarth> what if we do this 10 times?
# [23:34] <abarth> now your testing matrix is large
# [23:34] <Hixie> no it's not
# [23:34] <abarth> you'll essentially need to test every browser
# [23:34] <Hixie> you only need to test the browsers that exist
# [23:34] <Hixie> you do anyway
# [23:35] <Hixie> to make sure your fallback works
# [23:35] <abarth> it seems like the opposite of interoperability
# [23:35] <Hixie> it really isn't anywhere near as difficult a problem as you make out
# [23:35] <abarth> should we make <canvas> self-closing?
# [23:35] <Hixie> the parsing difference is minimal at worst
# [23:35] * Quits: pesla (~pesla@ip51cc03a5.speed.planet.nl) (Remote host closed the connection)
# [23:35] <Hixie> <canvas> was self-closing
# [23:36] <abarth> was, but not any more?
# [23:36] <Hixie> we had to make it not self-close because of accessibility
# [23:36] <jamesr_> <canvas> is supposed to contain AX 'fallback'-ish content
# [23:37] <Hixie> every time we add a new feature, interoperability will briefly suffer
# [23:37] <Hixie> that's what progress looks like
# [23:37] * Quits: smaug____ (~chatzilla@dsl-hkibrasgw4-fe45dc00-171.dhcp.inet.fi) (Ping timeout: 240 seconds)
# [23:37] <Hixie> the difference between having an unknown element in the DOM or not vs having access to the user's camera or not is vast. the latter is a real interop problem. the former is barely noticeable.
# [23:38] <Hixie> and this is the kind of thing web devs excel at dealing with
# [23:38] <abarth> ok. it would be nice to be able to distinguish between folks making random changes to the parser and changes that we think are worth experimenting with
# [23:38] <Hixie> how?
# [23:38] <Hixie> they should certainly be behind a flag or something, imho
# [23:39] * Quits: Stikki (~lordstich@dsl-tkubrasgw3-fed4f900-36.dhcp.inet.fi) (Ping timeout: 240 seconds)
# [23:39] <abarth> for example, if the spec was color-coded
# [23:39] <abarth> blue means "if you're experimenting with device, try this out"
# [23:39] <Hixie> it is
# [23:39] <Hixie> that's what the labels in the left margin are
# [23:39] <Hixie> i can add something about device being void if you like
# [23:40] <abarth> as someone reviewing that patch, i went and looked at that part of the spec and didn't see anything about device there
# [23:40] <Hixie> yeah, it's not there
# [23:40] <abarth> which makes it hard for me to know that you think this is a reasonable idea
# [23:40] <Hixie> i didn't expect anyone to implement it yet
# [23:40] <Hixie> you can ask me :-)
# [23:40] * Joins: roc (~chatzilla@203-97-204-82.dsl.clear.net.nz)
# [23:40] <abarth> you really want me to ask you about every random change people want to make to the parser ? :)
# [23:40] <Hixie> yes
# [23:41] <abarth> ok
# [23:41] <Hixie> (or rather, i'm happy to answer if you do. i'm not saying i want you to.)
# [23:44] <abarth> do you think we should condition the parser change on whether <device> support is enabled?
# [23:45] <Hixie> yeah
# [23:45] <Hixie> makes the feature testing make more sense
# [23:45] <Hixie> and emphasises that the patch is experimental
# [23:45] <jamesr_> how do you feature test <device>?
# [23:45] <Hixie> if (window.HTMLDeviceElement) {...}
# [23:46] <abarth> Hixie: we had a similar discussion about how to handle the MathML parts of the parser when MathML support is disabled
# [23:46] <Hixie> (i'm really surprised that people are already implementing this device stuff btw.)
# [23:46] <Hixie> abarth: i'd leave it parsing with the mathml namespace, for mathml
# [23:46] <abarth> that's what we ended up doing
# [23:46] <Hixie> abarth: because it's specced and not experimental
# [23:46] <Hixie> cool
# [23:47] <abarth> there seems to be a lot of interest around the device element
# [23:47] <jamesr_> the implementation of <device> seems really dodgy imo
# [23:47] <abarth> webkit isn't very good about making decisions about when to implement features and when not to implement features
# [23:47] <othermaciej> especially the latter
# [23:47] <abarth> jamesr_: there's also another group of folks who apparently implemented <device> too, so we have two patches instead of zero
# [23:47] <othermaciej> the concept of <device> is confusing to me
# [23:48] <othermaciej> if it's just meant for A/V input, then it should be one or several more specific elememts
# [23:48] <abarth> jamesr_: or at least that's what they've said on webkit-dev. i don't think they've produced their patch yet
# [23:48] <othermaciej> if it's meant to connect to anything that could be called a "device", then that's nonsensically overbroad
# [23:48] <Hixie> othermaciej: it's meant as a way to grant JS access to system devices, the way <input type=file> grants JS access to files
# [23:49] <othermaciej> and a single API is sufficient for anything that could be termed a "system device"?
# [23:49] * Quits: boaz (~boaz@64.119.153.2) (Quit: boaz)
# [23:50] <Hixie> each type of device we add support for gets its own API
# [23:50] <jamesr_> what on earth is a "system device" anyway?
# [23:50] <Hixie> peripheral, if you prefer the term
# [23:51] <othermaciej> many peripherals have a dedicated API
# [23:51] <jamesr_> like a mouse or a keyboard?
# [23:51] <othermaciej> it's not clear to me why the camera and microphone should be lumped in with "other" and assumed to have the same API as them
# [23:52] <Hixie> each type of device we add support for gets its own API
# [23:52] <jamesr_> why do some peripherals have a dedicated set of APIs and some come in as "device"s?
# [23:52] <othermaciej> mouse, keyboard, screen, disk, accelerometer, GPS, compass
# [23:52] <Hixie> jamesr_: they all have dedicated APIs
# [23:52] <othermaciej> none of those are on <device>
# [23:53] * Joins: AlexNRoss (~AleossIRC@unaffiliated/aleoss)
# [23:53] <jamesr_> Hixie: ok, then why are some on <device> and some not?
# [23:53] <othermaciej> I think <camera> and <microphone> elements would make more sense
# [23:53] <othermaciej> or <videoinput> and <audioinput> if you prefer, or just <avinput>
# [23:53] <Hixie> the distinction between <device> and other mechanisms is that other mechanisms don't need the user to grant permission to the page to get a handle to them, because they're not sensitive, or they have their own more sensible permissions system
# [23:53] <othermaciej> there is no obvious common property that anything else has with these things
# [23:54] <Hixie> the cammon property is that there isn't a necessarily just one of them, and we can't grant permission to them automatically
# [23:54] <othermaciej> are there things besides the camera and the microphone that anyone wants to implement with the same permissions model as the camera and microphone?
# [23:55] <Hixie> "wants to implement", no idea. "would make sense to implement", sure: RS232 devices, for instance.
# [23:56] <Hixie> USB cash registers
# [23:56] <Hixie> lots of stuff like that
# [23:56] <Hixie> just mentioning <device> in the spec has gotten dozens of people to contact me directly or file bugs or mail the lists asking for their pet device to be supported.
# [23:58] <jamesr_> it doesn't seem clear at all to me that <device> is a very good way to add support for such things
# Session Close: Fri Feb 04 00:00:00 2011

The end :)