Archive for September, 2011
Philip Jägenstedt provided feedback on WebVTT based on a meeting between various browsers at the Open Video Conference. Tyler Close raised two security issues with
registerProtocolHandler(). This is the WHATWG Weekly.
Changes to HTML
Since revision 6596 the specification defines handling of
multipart/x-mixed-replace resources. A rather peculiar MIME type that allows progressively updating of content. Revision 6595 states that
del are not ideal for marking up edits to tables. This should come as a surprise to exactly nobody.
Adam Klein has outlined the latest proposal to replace Mutation Events on the WebApps WG mailing list: Mutation Observers. While some of the details are still being discussed, it seems this proposal has a better chance at succeeding than previous proposals due to the support of a number of developers from both Mozilla and Google.
In commit 6559
CanvasPixelArray was destroyed in favor of
Uint8ClampedArray from the Typed Arrays specification. DOM Core is now known as DOM4. Welcome to another WHATWG Weekly.
On the mailing list of the W3C WebApps WG James Hawkins with Google proposed that the group takes on the work of standardizing Web Intents. Web Intents allows for decentralization of service providers. Instead of "share on Twitter", "share on Facebook", etc. buttons sites can just have "share" button and the user can then select a service provider out of a list of services the user is using. And the way it is designed the type of actions, such as share, is limitless. I guess it remains to be seen how this works out, but it could potentially get us out of the single service provider silos.
There is some discussion going on regarding Web Intents, some technical, but mostly chartering and scope politics. Yawn.
Web Components or XBL
Dominic Cooney with Google reported on an informal Web Components meetup. The gist of it seems to be that the developers from Mozilla/Apple want something slightly different from their Google counterparts. They would prefer to go ahead with a trimmed version of XBL 2.0, having declarative templates, and a way to extend and augment existing elements. The Web Component proponents wanted to start out with a purely imperative model and basically create elements from scratch.
The next steps are not really clear, but this topic will likely come up again at the W3C TPAC meeting beginning of November.
Just a few quick bullet points this week:
- Specifications now use event constructors rather than
init*Event() methods. See revision 6551 for details.
- Adrian Bateman announced on the WebApps WG mailing list that Microsoft has contributed tests for the WebSocket API, Web Workers, and the Indexed Database API.
- The W3C published a Last Call of Touch Events version 1. You have until October 11 to submit your comments.
- Vincent Scheib announced an update to the Mouse Lock API proposal.
- Brendan Eich gave an update on standardizing ECMAScript in TC39.
Please do not forget that Karl Dubost also writes about activity in the land of standards: Open Web Platform Weekly Summary.
And again the HTML standard was trimmed some more. This time the parsing APIs (
innerHTML and friends) were taken out and integrated into DOM Parsing and Serialization. The upside of this is that the APIs now apply more generically and can also be used with MathML and SVG (well, once implementors adopt the changes).
W3C WebApps WG
At the W3C WebApps WG the DOM standard is starting to take shape. Aligning implementations on their implementation of the DOM. Most recently the
Range API has been integrated to make it unambiguous how node trees and ranges work together. Read its goals section to get an idea of the scope.
In addition, the Clipboard API, also developed by the W3C WebApps WG, has been updated with a fully defined processing model.
Feedback on all these changes is very much appreciated!
The W3C launched a Web Security Interest Group which you can join by signing up for the public-web-security mailing list.
In addition a Web Application Security Working Group was chartered to work on clickjacking and cross-site scripting defenses.