- From: Maciej Stachowiak <mjs@apple.com>
- Date: Mon, 2 Jan 2006 02:00:00 -0800
- To: public-cdf@w3.org
2.5.3 "Currently, the common approach used is to restrict access across documents or network interfaces to material which comes from the same source as the code which tries to make that access." - This sentence is not grammatically correct English. - The claim made by the sentence is not correct. Access is based on the domain (and protocol and port) of the documents in the context of which the code is executing. It ignores where the code comes from, if the document happened to include code, such as JavaScript, from a site other than that which the document came from. "This makes it difficult to re-use resources on the Web, by requiring a copy to be held in the domain of each application which uses that resource." - I don't see how this is true. JavaScript files, CSS files, images and html files can all be included from other sites. The difficulty only occurs when you wish to read the contents of such documents. There is no client-side technology that two sites could use to collaborate. "This breaks cacheability, potentially reduces maintainability, and requires services to maintain the entire service rather than taking full advantage of specialised third-party providers." - I'm not buying these claims but ok - does this spec propose doing anything different in this regard? Does it propose that access to different documents *not* be restricted based on domain/scheme/port as traditionally? Regards, Maciej
Received on Monday, 2 January 2006 10:37:47 UTC