WHATWG Weekly: Same-Origin Policy Explained
We are still looking for a volunteer to write WHATWG Weekly. Otherwise on March 21 and beyond there will not be much to see here. Well, no new WHATWG Weekly.
Big thanks, security model, and editing
We got a big thanks from people at the BBC. Though reading Frame accurate video in HTML5 it seems we owe them for providing valuable feedback! Great to see how many people are paying attention and contributing to what we are trying to build here.
Earlier this week Adam Barth published Principles of the Same-Origin Policy, a document outlining the principles of the Web platform security model. That is, as it has come to be over the years, with many people hacking on it in browsers.
Aryeh Gregor has a new project: HTML Editing Commands. He is working out a more detailed specification for the
execCommand() method (and friends). Currently the HTML specification is rather vague on the subject, deferring much to implementations. This specification will eventually help user agents to get closer to each other — also known as interoperability — with regards to editing operations.
W3C HTML WG
Another attempt is made to get the
longdesc attribute conforming. Edward O'Connor (since recently with Apple; congrats!) is not convinced there is new information here since we made the decision to kick it out.
A whole bunch of open HTML WG issues (156, 157, 158, 160) were “closed without prejudice” last week. This happens when no change proposals are written in time. The process starts with a bug that is resolved by the editor. If the reporter disagrees with the editor he can escalate the bug into an issue. But if then nobody steps up to do something with the issue nothing will change and the issue is closed without prejudice. After this the issue can only be reconsidered with approval of the WG Chairs. Otherwise it is deferred to the next version of HTML (the W3C uses a snapshot model, the current one is labeled HTML5).
- Ian Hickson disagreed with changing
- Dominique Hazael-Massieux (with the W3C Team) wrote up this document: Standards for Web Applications on Mobile: February 2011 current state and roadmap.
- Martin Stender requested a
bannerelement to include potentially unsafe advertisements into a page. Tab Atkins pointed out that the
<iframe sandbox>feature is designed for that.
- Makoto Kato would like a clarification as to how setting the
valueIDL attribute of a control interacts with manipulating its value through an input method editor (IME; used for entering complex characters).
- Rafael wanted
DocumentFragmentobjects. It was pointed out further in the thread that
insertAdjacentHTML()already serves that purpose.
- Ben Rimmington proposed non-blocking modal dialogs. Like Justin Dolske I wonder whether we really need that at this point.