#whatwg on 2011-08-15

00:06	<AryehGregor>	Hixie, http://www.w3.org/Bugs/Public/show_bug.cgi?id=13551 was filed by an implementer -- you really want it assigned to contributor⊙wo?
00:07	<Hixie>	assigning to contributor⊙wo just means i think that it would be productive for the "editorial assistants" to look at it first
00:08	<AryehGregor>	k.
00:08	<Hixie>	i'll go through them all eventually too
00:14	<AryehGregor>	TabAtkins, it's possible to play a game based on WASD+mouselook without a mouse lock, if the mouse sensitivity isn't really low. You just have to do some 360s every time the mouse gets too close to the edge of the screen.
00:15	<zewt>	it's ... really not, heh
00:15	<zewt>	like, sure, you can drive a car that only turns left, but ... not really
00:16	<AryehGregor>	I didn't say it would be fun.
00:22	<Philip`>	If you don't want it to be fun, just use the arrow keys for turning (and alt+arrows for strafe) then you don't need mouselook at all
08:06	<MikeSmith>	question about the Do Not Track feature/spec, for anybody who knows
08:06	<MikeSmith>	if I send a DNT: 1 opt-out header to "first-party" site, does that mean it also can't do any "collection, retention, and use of all data related to the request and response"?
08:07	<MikeSmith>	or does it mean only any third-party sites with embedded content on that page can't do collection, retention, and use of all data related to the request and response?
08:07	<MikeSmith>	it's not clear from the spec
08:07	<MikeSmith>	http://tools.ietf.org/html/draft-mayer-do-not-track-00
08:08	<MikeSmith>	the spec says, "In processing a request that includes an OPT-OUT header, a server MUST NOT perform THIRD-PARTY TRACKING"
08:09	<MikeSmith>	but it doesn't say the first-party site can't do "tracking" (= collection, retention, and use of all data related to the request and response)
08:10	<MikeSmith>	and given a request with a DNT: 1 header, how does a site know whether it's a third-party site or a first-party site?
08:14	<MikeSmith>	or does the UA only send the DNT: 1 header to third-party sites but not not first-party sites?
08:47	<zcorpan>	Hixie: you recall why websocket has sec-websocket-origin rather than just origin?
08:56	<jgraham>	zcorpan: Didn't it have something to do with XHR originally
08:56	<jgraham>	Then I have a feeling that the real reason got removed by some other change and the sec-websocket- bit got cargo culted in
08:56	<jgraham>	Or stayed in for cargo-cult reasons
08:58	<zcorpan>	maybe websocket's origin header predated the other origin header
09:15	<MikeSmith>	Ms2ger: do you know if Alex Fowler is around on IRC much?
09:15	<Ms2ger>	Who's that?
09:15	<MikeSmith>	he's involved with the Do Not Track feature
09:16	<jgraham>	Ms2ger: What code did you want to share between the testsuites?
09:16	<Ms2ger>	MikeSmith, not following that
09:16	<MikeSmith>	ok
09:16	<Ms2ger>	jgraham, the DOMTokenList reflection stuff
09:18	<jgraham>	I guess the idea is that one could implement one feature without the other
09:19	<jgraham>	(I am not really opposed to sharing code, but can imagine more fun things to spend time on)
09:19	<Ms2ger>	I just want to have a shared testDOMTokenListReflectionStuff(element, attribute) somewhere
09:23	<annevk>	https://rniwa.com/2011-08-14/apple-style-span-is-gone/ is nice
09:42	<annevk>	making sense of bugs Leif files is hard
09:51	<zcorpan>	heh, the "IDL" labels look different in opera, firefox and chrome
09:56	<annevk>	I'm trying to come up with something to write for the WHATWG Weekly but nothing really comes to mind
09:56	<annevk>	end of Last Call, over a hundred mostly editorial and minor technical fixes were made to HTML, and some attempt at getting input on HTML.next
09:56	<annevk>	that's one sentence...
10:02	<zcorpan>	if nothing much has happened, that's ok to write in a weekly report :)
10:07	<Ms2ger>	Some discussion about the organization of DOM specs
10:10	<annevk>	I wouldn't really call that discussion :(
10:11	<annevk>	Microsoft does not participate and objects when publishing; sucks
10:13	<webben>	annevk: what did they object to publishing?
10:13	<annevk>	DOM Core
10:14	<annevk>	and then when I make a suggestion they do not answer
10:14	<annevk>	further slowing progress
10:19	<annevk>	put that on the record: http://lists.w3.org/Archives/Public/public-webapps/2011JulSep/0869.html
10:27	<annevk>	smaug____, I was wondering, do you agree with all the DOM 3 Events stuff?
10:27	<annevk>	smaug____, because some of those replies to Last Call comments are rather, well, odd
10:27	<smaug____>	which one in particularly
10:27	<annevk>	e.g. on DOM features
10:28	<smaug____>	"odd" replies are the norm in standardization, apparently :)
10:28	<annevk>	or changing scroll to a UIEvent
10:28	<annevk>	which contradicts e.g. CSSOM View
10:28	<annevk>	and implementations
10:30	<annevk>	smaug____, so you support the decisions?
10:30	<smaug____>	Let's say so that I'm ok with the decisions
10:31	<annevk>	wow
10:31	<smaug____>	how does changing scroll to UIEvent contradicts with CSSOM ?
10:33	<annevk>	it says to use Event
10:33	<annevk>	but that event overview is meaningless anyway
10:33	<annevk>	what matters is what interface is used when dispatching
10:34	<annevk>	the way events are defined in DOM Level 3 Events is rather laughable compared to how dispatching events is defined in other specifications
10:34	<smaug____>	(of topic, HTML spec and Web DOM code contradict with implementations quite often )
10:34	<annevk>	usually with good reason
10:35	<annevk>	not "to make this table look pretty"
10:35	<smaug____>	not very often with good reason
10:35	<smaug____>	but I'm ok change scroll back to event
10:35	<smaug____>	I just don't really care whether it is UIEvent or Event
10:35	<annevk>	well you disagree with the reason sometimes
10:36	<annevk>	but making it UIEvent because the spec's organization is cleaner then is nonsense
10:36	<annevk>	than*
10:37	<smaug____>	that wasn't shepazu's reason to make scroll UIEvent
10:40	<smaug____>	I might even like if most of the event in browsing context were UIEvents
10:41	<smaug____>	since those give easy access to window
10:41	<smaug____>	s/event/events/
10:51	<annevk>	smaug____, where does DOM Core contradict specifications btw without good reason?
10:51	<annevk>	smaug____, euh, implementations
10:51	<jgraham>	annevk: (I assume that depends what you mean by "good reasons" e.g. removing attr nodes might not be considered "good reasons")
10:51	<annevk>	smaug____, cause I thought people were on board with Node : EventTarget, Attr no longer being a node, etc.
10:52	<smaug____>	those are ok.
10:53	<smaug____>	ÍMO
10:53	<smaug____>	CDATA removal probably isn't
10:54	<smaug____>	at least there hasn't been any good proposal how to fix the problems removing CDATA causes
10:54	<smaug____>	(related to serialization )
10:56	<smaug____>	oh, hmm, normalize() is removed
10:56	<smaug____>	why
10:56	<annevk>	sicking has a proposal and there's a patch implementing CDATA removal in Gecko
10:57	<smaug____>	I know Ms2ger has the patch to remove CDATA from Gecko
11:02	<annevk>	smaug____, presumably normalize() is either not implemented widely or lacks good use cases
11:15	<annevk>	wait
11:15	<annevk>	if CR LF is always normalized on submitting
11:15	<annevk>	text/plain can be parsed reliably
11:15	<annevk>	with respect to form submission
11:28	<zcorpan>	foolip: yt? you have any opinion about http://www.w3.org/Bugs/Public/show_bug.cgi?id=12405 ?
12:19	<rabbi1>	Can you help? i am trying to achieve this http://imagebin.org/167884 in a <ul> the data in green background appear when the user logs in. All is part of a <ul>. <li> has contents for user logged in and user logged out......
12:59	<annevk>	MikeSmith, it seems that "amir arsalan <m_a_s_7⊙yc>" is spamming Bugzilla somehow
12:59	<annevk>	MikeSmith, see http://lists.w3.org/Archives/Public/public-html-bugzilla/2011Aug/1706.html and http://lists.w3.org/Archives/Public/public-html-bugzilla/2011Aug/1707.html
12:59	<MikeSmith>	thanks
13:00	<MikeSmith>	trying to delete his account now
13:04	<annevk>	Google acquires hardware part of Motorola: http://googleblog.blogspot.com/2011/08/supercharging-android-google-to-acquire.html
13:10	<MikeSmith>	annevk: disabled his account
13:13	<foolip>	zcorpan, it seems that if we want people to mix native controls with custom subtitles, etc, then we need to expose events for them showing/hiding together with the size
13:14	<foolip>	or we could abuse the multitrack stuff to "sync" a src-less <video controls> with the <video> elements that have the actual video streams
13:15	<zcorpan>	events could work
13:16	<zcorpan>	i don't follow what you mean with the multitrack stuff
13:59	<annevk>	after publishing I realize I should have mentioned the UndoManager stuff
13:59	<annevk>	noted for next week
14:34	<jarek>	Hi
14:35	<jarek>	what's the definition of "visual", "tactile" and "bitmap" media type as used in http://www.w3.org/TR/css3-mediaqueries/ ?
14:36	<jarek>	does "visual" include "tty"? Or does "bitmap" include print?
14:37	<annevk>	no
14:37	<annevk>	types are exclusive
14:37	<annevk>	see CSS 2.1
14:37	<jarek>	ahh... right...
14:38	<jarek>	I just googled the terms and found CSS2.1 specs: http://www.w3.org/TR/CSS2/media.html
14:38	<annevk>	media queries 3.1 will prolly fix this
14:38	<annevk>	well fix in the sense that it will define both media types and media features and not defer to CSS 2.1 for the former
14:40	<jarek>	why "resolution" property accepts only dpi and dpcm units?
14:40	<jarek>	why not ppi?
14:40	<annevk>	what's the difference with dpi?
14:40	<jarek>	so for screen media type, dpi is treated like ppi?
14:41	<jarek>	I thought that DPI should be only used for printed media, where you have actual dots
14:42	<annevk>	I think so
14:42	<annevk>	maybe suggest on www-style that it is clarified
14:42	<annevk>	although I'm the editor I don't really know much about these units
14:50	<jarek>	CSS3 media queries specification says that resolution may accept only dpi and dpcm units and that resolution property applies to bitmap media types
14:50	<jarek>	now CSS2 specs defines bitmap media types as:
14:51	<jarek>	print, projection, screen and tv
14:51	<jarek>	I guess this means that DPI should be treated as PPI
14:52	<jarek>	at least on screen
14:52	<annevk>	http://en.wikipedia.org/wiki/Dots_per_inch#Computer_monitor_DPI_standards
14:54	<annevk>	yay, WHATWG Blog has >6000 subscribers per Google Reader
14:54	<jarek>	now I'm confused, how windows can <<set default display "DPI" to 96 PPI>>? Isn't this value depended on monitor size and resolution?
14:54	<benjoffe_>	hmm didn't know there's a blog, make that 6001
14:55	<benjoffe_>	well, >6001
14:57	<Philip`>	jarek: They're independent of physical inches
14:58	<benjoffe_>	jarek: I'm pretty sure that's due to a lack of monitor dpi api's
14:58	<annevk>	AryehGregor, there were several comments on your blog post that did not get approved thus far
14:58	<annevk>	AryehGregor, I approved them
14:58	<jarek>	so there are actually three units: DPI, logical PPI and physical PPI?
14:59	<jarek>	nevermind, this thing makes no sense
15:00	<jarek>	I will just hard-code in my code that PPI equals DPI, hopefully no one will notice :P
15:01	<Philip`>	There's the number of RGB cells per inch on your LCD screen, and the number of pixels of data that the computer sends to the display per cell (hence per inch), and the number of pixels of data that the computer uses to represent objects measured in inches (or in fractions of inches, e.g. points)
15:02	<Philip`>	plus any scaling factors the software wants to add
15:03	<Philip`>	Also, the length of an inch will change if you travel at relativistic speeds
15:03	<Philip`>	So it's quite hard to be consistent about measurements
15:04	<jarek>	Philip`: if iPad's specification says that it has 132 PPI screen (http://en.wikipedia.org/wiki/List_of_displays_by_pixel_density), how do I target this or any higher resolution with media queries?
15:05	<jarek>	will this work?
15:05	<jarek>	"@media screen and (min-resolution: 132dpi)"
15:05	<Philip`>	Haven't got a clue
15:05	<benjoffe_>	jarek: why don't you just test against it? Do you have an ipad?
15:06	<jarek>	benjoffe_: no, it's overpriced
15:06	<jgraham>	(only the length of an inch in a different frame of reference. So not really a problem if you are looking at your computer in a spaceship travelling at 0.98c, but perhaps worth thinking about if you are building an intergalactic Oxford Circus and want the adverts to work for passers by)
15:06	<Philip`>	Seems complex enough that the only reliable method is to test it (or copy from someone who's tested it)
15:06	<zewt>	vmware + osx + ios emulator
15:06	<jarek>	but I guess that this will be the only reliable way to verify it
15:06	<benjoffe_>	jarek: do you have xcode? the ipad simulator is available for $5, or free if you have lion
15:06	<benjoffe_>	(requires osx)
15:07	<zewt>	haha what, it was free when i downloaded it
15:07	<Philip`>	jgraham: Might still be a problem if your spaceship is falling into a small black hole at 0.98c
15:07	<Philip`>	since your monitor may accelerate faster than you
15:08	<benjoffe_>	zewt: it's free if you have a dev lincese which costs $99 per year
15:08	<jarek>	great, I have the developer license
15:08	<jgraham>	Yes, I was only really thinking of special relativity. It's always easier to pretend gravity doesn't exist
15:08	<zewt>	i don't, and i'm pretty sure i just downloaded it from apple
15:08	<jarek>	but I can't find it in dev section, do I need to participate in iPhone developer program? I'm currently signed up for Mac dev program
15:09	<benjoffe_>	it's available for me as an ipohne dev, not sure about the mac dev program
15:09	<benjoffe_>	i thought it would have been, considering xcode is used for mac dev too
15:11	<Philip`>	Running an iPad simulator on a desktop PC doesn't sound ideal if you're trying to figure out whether the real physical display resolution has an effect on the browser
15:11	<zewt>	it should be the same
15:12	<benjoffe_>	yes I would be quite surprised if there was a difference there
15:12	<Philip`>	Either the browser ignores the system, or the system lies to the browser, and the latter case wouldn't inspire much confidence that things aren't lying in other ways too
15:13	<benjoffe_>	heck, i have an ipad simulator, maybe i'll go check
15:13	<zewt>	what?
15:15	<benjoffe_>	hmm it keeps crashing, shouldn't have installed the beta.. :/
15:15	<zewt>	better than even odds it just lies about dpi in the same way as every other browser...
15:16	<jarek>	will I get iPhone and iPad emulator if I buy XCode from App Store?
15:17	<benjoffe_>	jarek: yes, it's part of the bundle
15:17	<zewt>	there's just one with a menu option to change modes
15:17	<jarek>	the version of XCode that I downloaded from Mac Dev Program does not ship with any emulators
15:17	<benjoffe_>	jarek: better off just buying lion imo though, $25 more
15:17	<benjoffe_>	jarek: are you sure? it's not easy to find
15:18	<jarek>	benjoffe_: I already have lion, it did not ship with XCode
15:18	<benjoffe_>	jarek: oh, if you have lion you can download xcode from the mac app store for free
15:19	Philip`	wonders what's the point of charging $5 for development tools, since surely it can't provide any non-trivial amount of revenue
15:20	<benjoffe_>	Philip`: I think it's more about getting people to attach their credit card to the store in the hope they buy other items
15:21	<jarek>	ahh... I have already iOS simulator installed, I just had to create new iOS project
15:22	<benjoffe_>	jarek: you can also launch the simulator directly if you only want to test websites, just make a shortcut, it's in a silly location like /Developer/Platforms/... (instead of the sane location of ~/Applications)
15:22	<jgraham>	Oh, I thought it was so that the platform wasn't tainted with poor users
15:25	<timeless>	:(, my g+ account was suspended
15:25	<timeless>	it seems that the fact that i've been using `timeless` as my name for more than half my life (and my entire professional carrer) including IRL wasn't expected behavior
15:26	<Ms2ger>	Myself, I didn't try
15:26	<zewt>	it's pretty ironic that google said that privacy is a priorty on g+, then immediately violates people's privacy by trying to force them to reveal their name
15:26	<zewt>	"well that was quick"
15:26	<timeless>	they said privacy was a priority?
15:27	<zewt>	everyone says that
15:33	<jarek>	it looks like iPad does not support resolution media query at all
15:33	<timeless>	those are silly anyway :)
15:34	<Ms2ger>	iPads?
15:34	<jarek>	but there is "-webkit-device-pixel-ratio" media query, is it the same thing?
15:35	<benjoffe_>	jarek: no, that's the number of physical pixels per css pixel
15:35	<benjoffe_>	which for ipad/iphone3 is 1, for iphone4 is 2
15:37	<timeless>	jarek: what would you do w/ a resolution media query
15:38	<timeless>	other than poorly support every device you've never met
15:38	timeless	has only recently found one site which didn't suck wrt discrimination
15:38	<zewt>	cheers to misapplication of the word "discrimination"
15:39	<timeless>	(it was Fandango fwiw, they let me choose Mobile, BB app, or Normal)
15:39	<timeless>	zewt: you don't think that a service which forces users to get subpar content just because it thinks they want it is discriminating against those users?
15:39	<jarek>	timeless: well, I expect resolution media query to be widely supported in the near future, that's why I would like to implement it in my app sooner than later
15:40	<zewt>	no, i think that's using a loaded word to make something sound worse than it is
15:40	<timeless>	it's pretty bad
15:40	<timeless>	if i'm not allowed to participate in something
15:40	<timeless>	then how is that not discrimination?
15:41	<Philip`>	It seems like the usual attitude is "I want my page to do something special on iPhones, how do I write a media query to target iPhones?", which is effectively an obfuscated form of browser sniffing
15:41	<timeless>	further, segregated busing in some cases still allowed you to ride the same buses
15:41	<timeless>	you just got stuck in the back
15:41	<timeless>	getting second or third class service on a bus was still service
15:41	<zewt>	jarek: does anything in media queries account for the fact that the font and layout size you want depends on the device, and not soley the dpi?
15:41	<timeless>	that's what we're getting on the internet
15:42	<timeless>	that sure sounds like discrimination to me
15:42	<timeless>	Philip`: indeed
15:42	<zewt>	eg. a phone is typically much higher resolution than a desktop monitor, much smaller, and viewed much closer
15:42	<zewt>	the resolution is only part of the story
15:42	<timeless>	anyway, as dbaron recently pointed out on www-style (?)
15:42	<Philip`>	(Have any browsers started lying to media queries yet, in order to receive iPhone-targeted content?)
15:43	<timeless>	it's easy to get media queries wrong when you reach boundary conditions
15:43	<timeless>	Philip`: not sure about media queries
15:43	<timeless>	but i know that browsers have lied to receive iPhone content in other cases/ways
15:43	<timeless>	and i certainly expect it to happen soon enough
15:43	<timeless>	..
15:44	<timeless>	zewt: so, which part of my logic is flawed which makes my use of the word offensive to you?
15:44	<zewt>	<timeless> other than poorly support every device you've never met <- you called that discrimination, when it's the opposite of discrimination: behaving generically (even if not always usefully)
15:45	<timeless>	oh
15:45	<timeless>	they don't do that
15:45	<timeless>	they don't behave generically
15:45	<zewt>	that's what i was responding to
15:45	<timeless>	they either give out good content or crap
15:45	<timeless>	and you can only get good content if you pay the <iPhone-x> fee
15:46	<timeless>	`We only allow whites to sit in the front of buses, anyone who we've never met can since in the back`
15:48	<Philip`>	There must be a better of solving the browser-sniffing problem (since clearly people often want to do that rather than querying capabilities) - given N browser/device combinations, authors want to select some subset, then new browsers/devices developed afterwards want to insert themselves into some selection of subsets (while still being uniquely identifiable themselves by later authors)
15:49	<Philip`>	without needing identifiers that perpetually grow in length (like UA strings)
15:49	<timeless>	Philip`: generally speaking `let the user pick` works well for me
15:49	<timeless>	it certainly makes me happy
15:49	<Philip`>	There must be some kind of maths that would support that sort of subsetting
15:49	<timeless>	have you used any of the ClearType configurator?
15:49	<timeless>	s/tor/tors/
15:49	<timeless>	(subpixel-antialiasing)
15:50	<timeless>	you show the user a couple of pictures and let them choose the one they like
15:50	<Philip`>	The thing that asks "which of these three samples looks best"?
15:50	<timeless>	yeah
15:50	<zewt>	i don't want to undergo an eye exam every time i go to a new site, heh
15:50	<timeless>	i'm willing to do it
15:50	<timeless>	i'd certainly be happy to have a button at the bottom of each site which lets me undergo such an exam
15:51	<zewt>	"ask the user" is always a useful fallback but should always be a fallback
15:51	<timeless>	it's fine w/ me for sites to guess wrong as long as they let me choose
15:51	<timeless>	but most of the sites i see don't do that
15:51	<timeless>	my favorite is the idiotic news sites which when i am sent directly to an article
15:51	<timeless>	... redirect me to the front of their mobile site
15:51	<timeless>	because obviously i didn't want to read the article i visited!
15:53	<zewt>	heh
15:53	<zewt>	generally if i click a link and it doesn't go to what i clicked, i just leave
15:54	<zewt>	most commonly sites that go "well, you clicked on something explicitly, but we're going to ignore you and show you an ad/ask you to sign up/ask you to do the raindance/whatever first"
15:54	<timeless>	i need to get google to let me say `don't ever show content from this service again`
15:55	<timeless>	i think it's actually possible these days
15:55	<timeless>	but ...
15:55	<zewt>	it often will show it in searches, but not always (seemingly at random)
15:55	<timeless>	yeah, sadly i use google news
15:56	<timeless>	i think for that i need to use the special configurator box or the impossible to use on my touch-based-device heisendropdown
15:56	<zewt>	i couldn't stand google news, because it seemed to refresh itself automatically all the time, so it always showed up highlighted in firefox as a "new tab"
15:56	<timeless>	(which insists on not being clickable)
15:56	<timeless>	hrm
15:56	<timeless>	it does refresh automatically
15:56	<timeless>	but you must be using some extension because firefox doesn't do that to me
15:56	<zewt>	i was
15:56	<zewt>	i'm not right now since i stopped using tabmixplus, but it's very useful
15:57	<zewt>	pages should never auto-refresh, that's just obnoxious
15:57	<timeless>	you don't want gmail to autorefresh?
15:58	<timeless>	hrm, you clearly don't use web-irc
15:58	<zewt>	that's ajax updating, it doesn't refresh the entire page
15:58	<timeless>	tomato tomato?
15:58	<zewt>	which is what gnews seemed to do, at least at the time
15:58	<zewt>	... no?
15:59	<zewt>	reloading the entire page is far different than a lightweight ajax update
15:59	<timeless>	how?
15:59	<timeless>	reloading the entire page could mean you could retrieve old versions from cache
16:00	<timeless>	(which can be useful)
16:00	<zewt>	how? it's sort of the ... point of ajax, heh
16:00	<zewt>	(only in part, of course)
16:00	<timeless>	if 99% of a page is content
16:01	<timeless>	then i'm not quite sure i'd buy that using ajax would actually mean much less load than a traditional page load
16:01	<zewt>	then you can update the content unintrusively
16:01	<zewt>	eg. greader
16:06	<annevk>	volkmar, if you specify trim on password, I don't really see why it shouldn't trim
16:07	<timeless>	annevk: why would someone trim a password?
16:14	<annevk>	to make copy and paste work better
16:14	<annevk>	if you don't allow spaces anyway
16:14	<volkmar>	annevk: i don't think we should allow trimming passwords, that's really dangerous
16:15	<annevk>	dangerous?
16:15	<benjoffe_>	google strips whitespace from passwords
16:20	<volkmar>	annevk: if I type " foobar " in a password field and they I want to login and I can't...
16:20	<volkmar>	I'm afraid it could be used without really realizing some side effects
16:21	<annevk>	how could you register such a password to begin with if they trim consistently and do not allow whitespace?
16:22	<zewt>	would seem like a very arbitrary special case to not support it
16:22	<annevk>	<input trim> UI could just mean you cannot type spaces at the beginning and end of your input
16:22	<jgraham>	annevk: My concern might be the if
16:23	<annevk>	jgraham, then they would have problems with their JavaScript-based solution as well
16:23	<annevk>	or with any restrictions on password for that matter, which certainly are around
16:23	<Philip`>	If you want to support accidental whitespace included around passwords, it'd be just as easy to do the trimming on the server (and then you could check both the trimmed and untrimmed passwords, in case the spaces really are part of the password)
16:23	<zewt>	conversely (though this is all very contrived and I don't see either ever happening in reality) someone might have their site trim spaces when storing a password, and use <input trim> to trim when entering, and not realize the lack of side effects due to arbitrary special cases
16:25	<volkmar>	annevk: in general, altering the passwords value seems a wrong idea to me
16:26	<timeless>	yeah, any sanitization really needs to be enforced server side
16:27	<timeless>	not doing that is just plain stupid
16:27	<timeless>	zewt: fwiw...
16:27	<timeless>	i think it was canada post
16:27	<timeless>	but one of the sites was very anal about its login form `do not remember password`
16:27	<zewt>	well, doing trimming client-side can make it clearer that it's happening (though in practice it probably doesn't matter whether the user is aware of it or not, in the case of passwords)
16:27	<timeless>	the reset account password form was not anal
16:27	<timeless>	so you could remember the password there...
16:28	<timeless>	so... yes... it's trivially to be stupid and inconsistent!
16:28	<timeless>	s/ly//
16:28	<timeless>	yeah, it absolutely doesn't matter to users what you do to the password
16:28	<zewt>	quasirelatedly, we need a real password-storage API
16:29	<timeless>	they don't need to know that you're storing a sha256 hash instead of the actual password
16:29	<zewt>	annoying how so many sites break or semi-break browser password storage
16:29	<timeless>	how would a password-storage api help?
16:29	<zewt>	firefox insists on remembering my old bugzilla password
16:29	<timeless>	sites would just demand to disable it, or break it, or flood it with crap
16:29	<zewt>	well, there are two problems, i think: remembering passwords from login forms, and ajax logins
16:30	<zewt>	the former is what usually works, but sometimes does not; don't know why in the particular cases, but it'd be nice for that to be more reliable
16:30	<zewt>	the latter almost never works; it would be nice if it could
16:30	<timeless>	the former doesn't work when sites actively try to break it
16:30	<timeless>	the easiest way is to add the attribute that says `please break password manager`
16:30	<zewt>	i rarely see that, usually it's just unawareness of it
16:31	<zewt>	as far as i'm concerned sites should never have the ability to do that
16:31	<timeless>	the second easiest way is to not have a <form> containing the password field
16:31	<timeless>	(and then use js to shift it into the form/submission)
16:31	<zewt>	google passwords are regularly out of date for me, too
16:31	<timeless>	odd, i've never hit that problem
16:32	<zewt>	it just never offers to store the newly-entered password
16:32	<zewt>	but google is weird and it doesn't happen everywhere
16:32	<timeless>	i'm pretty sure firefox has offered to update my password for google
16:32	timeless	will have to check sometime
16:33	<zewt>	gmail fills in the password fine, for example, but if i open gapps management, that one's wrong
16:34	<timeless>	you know you can `easily` `fix` it by opening the password list and deleting the one for the gapps site
16:34	<timeless>	(ideally you'd be able to use Larry to fix it, but he never grew that feature)
16:34	<zewt>	anyway, it would be nice for ajaxy logins to have the ability to integrate with password management; right now they don't at all
16:34	<timeless>	well
16:34	<timeless>	all they have to do is use <form> <input> <input type=password>
16:35	<timeless>	as long as they have a handler on the <form> to trap onsubmit and send it where they need
16:35	<timeless>	they can absolutely integrate with password management
16:35	<zewt>	but if the form is never actually submitted as a form, firefox will never offer to store it
16:35	<timeless>	you sure?
16:35	<zewt>	how would it know?
16:36	<zewt>	ajax logins typically cancel form submission entirely (if form submit happens at all), so it can do it some other way
16:36	<benjoffe_>	reddit seems to do login async and has never had problems remembering my login details
16:36	<benjoffe_>	on chrome
16:37	<zewt>	don't know what reddit does
16:37	<timeless>	data:text/html,<form action="data:text/plain," onsubmit="alert(1); return false"><input id=name><input id=pass type=password><input type=submit>
16:37	<timeless>	isn't working 100%, but it's definitely asking to remember my password
16:38	<zewt>	alert(1) in an event handler is probably going to do weird things
16:38	<timeless>	although, perhaps noscript is suppressing js entirely :)
16:38	<zewt>	data:text/html,<form action="data:text/plain," onsubmit="console.log('xxx'); return false"><input id=name><input id=pass type=password><input type=submit>
16:39	<zewt>	doesn't prompt
16:39	<zewt>	(for me, in ff6)
16:39	<timeless>	data:text/html,<form action="data:text/plain," onsubmit="return false"><input id=name><input id=pass type=password><input type=submit>
16:39	<zewt>	it shouldn't--the form submission was cancelled, after all, why would it?
16:39	<timeless>	prompts for me in Nightly (different profile, no noscript)
16:39	timeless	shrugs
16:39	<timeless>	it is here
16:40	<benjoffe_>	why are you setting 'id' on the form inputs? Should be name
16:40	<timeless>	what version of firefox are you using?
16:40	<timeless>	benjoffe_: because i can :)
16:40	<zewt>	as far as firefox can tell the submission was aborted, it'd be strange for it to offer to remember the password at that point
16:40	<timeless>	fwiw i only have add-on compatibility reporter and https-everywhere
16:40	<benjoffe_>	timeless: forms remember and post the 'name' attribute, if you want to play nice with password managers use it
16:40	<timeless>	benjoffe_: my point is that even this contrived thing does play nicely with password managers
16:41	<timeless>	at least, it does w/ my Nighty
16:41	<timeless>	s/y$/ly/
16:41	timeless	wants to know why it isn't w/ zewt 's
16:41	<benjoffe_>	that's surprising, they must be getting better
16:41	<timeless>	zewt: firefox --no-remote -P
16:41	<zewt>	i'm suggesting that offering to remember the password in the above code is wrong
16:41	<timeless>	well, it is remembering it
16:41	<timeless>	and remember, the offer isn't a modal dialog
16:41	<timeless>	so the user can safely ignore it
16:42	<timeless>	or say `why thank you for offering`
16:42	<timeless>	heh
16:42	<timeless>	Error: uncaught exception: [Exception... "'Can't add a login with a null or empty hostname.' when calling method: [nsILoginManager::addLogin]" nsresult: "0x8057001e (NS_ERROR_XPC_JS_THREW_STRING)" location: "JS frame :: resource:///components/nsLoginManagerPrompter.js :: <TOP_LEVEL> :: line 853" data: no]
16:42	<zewt>	heh i cringe every time i see a prompt that says "no thanks" "yes please"
16:42	<timeless>	ok, well, i should say `it mostly works`
16:43	<zewt>	software forcibly injecting politeness into the user
16:43	<timeless>	since apparently the password manager's store and the ui don't agree on when to make an offer
16:43	<timeless>	which is partially unfortunate
16:43	<zewt>	that just looks like it doesn't care for data:
16:43	<timeless>	that's right
16:43	<zewt>	which wouldn't be surprising
16:44	<timeless>	fwiw, it's the origin data and not the destination data
16:44	<timeless>	(changing the action to http didn't resolve it)
16:45	<zewt>	makes sense
16:45	timeless	goes to watch a tech talk
16:45	<timeless>	anyway, the point is that ajax should work
16:45	<timeless>	unless you try to break password managers
16:45	<timeless>	which sites generally do
16:45	<timeless>	but that's because sites are evil
16:45	<zewt>	RIGHT CLICK IS NOT SUPPORTED
16:45	<timeless>	it isn't because it's hard to support
16:45	timeless	chuckles
16:45	<timeless>	yeah, tell that to my one button mac mouse :)
16:57	<dglazkov>	good morning, Whatwg!
17:08	annevk	thanks TabAtkins for making it easier to resolve a bunch of bugs
17:10	<Ms2ger>	TabAtkins, so when are you publishing a Values LCWD? :)
17:26	<annevk>	aah
17:26	<annevk>	gruber will be disappointed http://www.google.com/press/motorola/quotes/
17:27	<AryehGregor>	Of course they're going to say they're happy with it, what choice do they have?
17:30	<annevk>	not saying anything
17:30	<annevk>	which would be the usual course of action
18:55	<timeless>	annevk / AryehGregor : what i like is that it sounds like someone sent those guys a PR draft and instructed them to repeat it
18:56	<Ms2ger>	"Please tick the box next to the quote you like most"
18:57	<TabAtkins>	Ms2ger: Near future. A bit more review and clean-up is needed beforehand, but not more than a month or so.
18:58	<TabAtkins>	AryehGregor: I strive for continuity whenever possible and practical. Having rounding errors drastically affect rendering is bad if we can avoid it.
18:58	<Ms2ger>	Oh, and the Overview.html fantasai sent to www-archive had the second half of the spec nested in a <dd>, if you hadn't noticed yet
18:58	<TabAtkins>	Yeah, it's already been fixed.
18:58	<TabAtkins>	(We'd left in a </ol> instead of a </dl>, or something like that.)
18:59	<Ms2ger>	Sounds like something I'd do
19:02	AryehGregor	sees ~value.indexOf("foo") used to mean value.indexOf("foo") != -1 -- freaky but sort of cool
19:12	<AryehGregor>	Is this too snarky? "This is an excellent opportunity for those who believe that the W3C is a good place to develop specs to show their willingness to improve the web. All it would take is a modest amount of effort to submit the spec for W3C publication, and of course in their view, this would be beneficial because the W3C is a good place to publish specs. I wait with interest for one of the many people who have expressed concern about the
19:12	<AryehGregor>	editing spec not being at the W3C to spend the necessary time themselves to fix the problem, rather than expecting others to do it."
19:12	AryehGregor	thinks it probably is
19:13	timeless	doesn't see it as snarky
19:13	<annevk>	I would phrase it more direct
19:21	<AryehGregor>	Okay, I said it.
19:21	<AryehGregor>	Let's see how people react.
19:21	<timeless>	i fully expect them to ignore you :)
19:23	<hober>	AryehGregor: :)
19:23	<AryehGregor>	Either no one will do it, or someone will try briefly and then it will stagnate and die.
19:23	<AryehGregor>	I'm betting on the first one.
19:24	timeless	too
19:24	<timeless>	well
19:24	<timeless>	i suppose if you were placing money, i'd just do it and take your money :)
19:24	<AryehGregor>	It won't waste much of anyone's time if someone wants to escalate a FIXED resolution. I can spend twenty minutes to write a counter-CP if someone escalates.
19:28	<MikeSmith>	AryehGregor: not too snarky, IMHO
19:28	<AryehGregor>	Okay, good.
19:29	<timeless>	MikeSmith: fwiw, the w3 gym bag came in handy
19:29	<timeless>	i unpacked it yesterday and started using it today :)
19:30	<timeless>	i also unpacked the w3 kitchen thing...
19:30	<timeless>	and put it in my kitchen..
19:30	<timeless>	s/thing/apron/
19:30	<MikeSmith>	ah
19:30	<timeless>	we'll see if it actually gets used
19:30	<timeless>	so far i have a newly purchased toaster-oven and 0 free counter space (and i haven't unpacked my kitchen items from my move)
19:31	<timeless>	cooking for me will be mostly toasting breakfast and baking dinners :)
19:31	<MikeSmith>	heh
19:31	<MikeSmith>	you can do a lot with a toaster oven man
19:31	<MikeSmith>	I do at least
19:32	<MikeSmith>	I don't have a real oven
19:32	<MikeSmith>	few people in Japan do
19:39	<AryehGregor>	MikeSmith, because there's too little space?
19:40	<MikeSmith>	yeah, in part at least
19:41	<MikeSmith>	but also because how often do you need to roast a whole turkey or whatever?
19:42	<timeless>	when you want to heat your house or just run up your electric, gas or oil bill?
19:42	<timeless>	iirc one of my friend's experiences was indeed the gas side of things
19:42	<MikeSmith>	big-oven cooking, you have to do the whole pre-heating thing, which is nuts
19:42	<timeless>	even toaster ovens need preheating
19:43	<timeless>	(if you're baking)
19:43	<timeless>	(not if you're toasting or broiling)
19:43	<MikeSmith>	yeah, but it takes a lot less time of course
19:44	<timeless>	yeah
19:44	<timeless>	and as i said, it heats your whole house
19:44	<timeless>	(and it's much easier to burn yourself that way)
19:45	<timeless>	otoh, things really are different if you're cooking for 4+ v. 1-2
19:45	<timeless>	in helsinki, i'd have gladly traded my Oven for a toaster-oven and an automatic dishwasher
19:46	<timeless>	(well, really traded the oven for the dishwasher and added a separate toaster-oven)
19:47	<AryehGregor>	Hixie, there's no diff given at <http://www.w3.org/Bugs/Public/show_bug.cgi?id=13024>;.
19:47	<timeless>	'13024>' is not a valid bug number.
19:47	<timeless>	i think the diffs are supposedly generated by a bot later
19:47	<AryehGregor>	Use a client that has better URL detection heuristics. > is not valid in URLs per RFC.
19:47	<timeless>	i've never actually seen them
19:47	<AryehGregor>	Yes, but it involves some manual step that Hixie sometimes messes up.
19:48	<zewt>	it's not customary to <> urls on IRC
19:48	<timeless>	well, i seriously haven't ever seen those diffs appearing
19:48	<timeless>	and i do get the resolved mails
20:27	<Hixie>	zcorpan: back when i was editing the spec, it had Origin: client-to-server, and Sec-WebSocket-Origin server-to-client
20:28	<AryehGregor>	This seems to be broken: http://aryeh.name/tests-root/tests/submission/AryehGregor/reflection/reflection-forms.html
20:28	<Hixie>	zcorpan: because Origin: is only defined for client-to-server, and because it was another way to prevent echo servers getting p0wned
20:29	<Hixie>	AryehGregor: yeah, no diff for css changes
20:29	<AryehGregor>	Oh.
20:29	<Hixie>	anyone interested in taking over the pdf generation?
20:40	<AryehGregor>	So in Chrome 15, when I close all windows and reopen one, I no longer see a way to restore the tabs I had open in any window other than the last one closed.
20:40	<AryehGregor>	Sigh?
20:40	<AryehGregor>	I was relying on that.
20:40	<AryehGregor>	Oh, wait.
20:40	<AryehGregor>	They moved it to the lower right corner.
20:41	<AryehGregor>	Works for me.
20:55	<timeless>	heh
21:23	<jgraham>	I assume the correct answer to "how often do you cook turkey" is "never, turkey is the blandest of meats and therefore not worth wasting your life on"
21:23	<TabAtkins>	jgraham: You have never had a correctly-cooked turkey, I see.
21:23	<TabAtkins>	When done right, turkey is moist and flavorful and great.
21:24	<jgraham>	TabAtkins: I am rather confident that there is nothing you can do to turkey to get over the basic problem that it is exceptionally bland meat
21:24	<TabAtkins>	Look up Alton Brown's turkey recipes - the guy is a genius and his method has 100% success with everyone I know who's tried it.
21:24	<TabAtkins>	jgraham: You're confidently wrong, then.
21:24	<Hixie>	where do you stand on chicken?
21:24	<Philip`>	Standing on chickens is cruel
21:24	<Hixie>	(just trying to calibrate so i know how to respond)
21:25	<jgraham>	Chicken is OK if you find a decent one
21:25	<Philip`>	Oh, chicken, not chickens
21:25	<jgraham>	Standing on chickens is what happens in inensive farming :(
21:25	<Hixie>	ok i'm with tab then
21:25	<jgraham>	*intensive
21:26	<jgraham>	I remain skeptical that one could make turkey as nice as e.g. goose
21:26	<jgraham>	One simply has a better raw ingredient
21:27	<TabAtkins>	Never had goose, but I've had duck. Are they at all similar?
21:27	<jgraham>	Somewhat
21:27	<jgraham>	It is certainly the closest comparison I can think of
21:27	<TabAtkins>	Then I have personally cooked turkey that is as good as duck in a high-quality restaurant (from a pure meat perspective).
21:31	<jgraham>	Then I will withhold final judgement until I have tried this miracle recipe. But in the meantime I will continue to work under the hypothesis that the anglophone tradition of turkey for celebratory meals is a sad loss for gastronomy
21:31	<TabAtkins>	jgraham: Come to my house for Christmas.
21:32	<TabAtkins>	I'm not disagreeing with your hypothesis, though - most people cook terrible turkey.
21:32	<jgraham>	That would make it hard to cook Christmas dinner at my house. Unless Christmas is like pixar releases and happens earlier in the US than anywhere else in the world
21:33	<jgraham>	(I seriously recommend trying goose though. Properly cookd it can be delicious)
21:35	<timeless>	jgraham: the reason for turkey is that it's bigger and cheaper and feeds more
21:35	<timeless>	geese are smaller, more expensive, take more effort and feed fewer
21:35	<jgraham>	timeless: I know
21:36	<jgraham>	Although the "take more effort" is wrong
21:36	<timeless>	i think i've had duck once or twice at most, it's nice, but kind of like fish, rather delicate
21:36	<jgraham>	Unless you are keeping them yourself, perhaps
21:36	<timeless>	jgraham: more effort is wrt total effort to prepare sufficient to feed the same number of people
21:36	<jgraham>	(although I understand geese are not that hard to keep)
21:37	Ms2ger	wonders if he should read Hixie's latest commit message as "Pretty iffy"
21:38	<jgraham>	Possibly I am just so antisocial that I never need to feed more than about 8-10 people
21:38	<Ms2ger>	8-10? You must be extremely social
21:38	<timeless>	how many geese?
21:39	<jgraham>	timeless: I'm pretty dure I have done 8 people with one largish goose
21:39	<jgraham>	*sure
21:40	<jgraham>	Yes, the FAQ at http://www.clerkesgeese.com/FAQs.html agrees with me there
21:41	<jgraham>	Of course if US home portions are in the same ratio as US restaurant portions compared to european ones, you can probably divide by 1.5-2
21:42	jgraham	assumes they are not
21:42	<TabAtkins>	I dunno, it's probably closer than not.
21:42	<TabAtkins>	Though I've never eaten a euro home-cooked meal.
21:46	<jgraham>	If you are ever in the same toen as me then we will have to change that
21:46	<jgraham>	*town
21:46	<jgraham>	sigh
21:47	<Hixie>	jgraham: dude if i ever have to feed more than like 5 people i order pizza
21:49	<timeless>	heh
21:49	<jgraham>	Swedish pizza is... interesting. Kebab meat and bearnaise sauce is a popular topping
21:51	moo-_-	in Sweden right now
21:51	<moo-_->	jgraham: I prefer Kebab, bluecheese, pineapple and mayonase
22:00	<jgraham>	ugh
22:00	<jgraham>	:)
22:01	<Hixie>	can you not animate box-shadow with -webkit-transition?
22:01	<Hixie>	can anyone come up with something you might animate based on details[open] ?
22:05	<jgraham>	I assume the height of the bit that appears isn't the answer you are looking for here
22:05	AryehGregor	votes for height
22:06	<TabAtkins>	Hixie: You should be able to - <shadow> is a transitionable type.
22:07	<TabAtkins>	jgraham: That pizza sounds pretty good, actually.
22:07	<Hixie>	am i doing it wrong? http://software.hixie.ch/utilities/js/live-dom-viewer/saved/1105
22:08	<gsnedders>	TabAtkins: You're just wrong.
22:09	<TabAtkins>	gsnedders: About the pizza or the shadow?
22:09	<gsnedders>	TabAtkins: the pizza.
22:09	<Hixie>	about the shadow as well as far as i can tell :-P
22:09	<gsnedders>	TabAtkins: Why would I care about vaguely on-topic discussion? :)
22:09	<TabAtkins>	Hixie: Ah, I see. While <shadow> is an animatable type, the spec currently only defines text-shadow as an animatable property. I assume that's because box-shadow was dropped for a little while.
22:10	TabAtkins	could probably fix that.
22:10	<Hixie>	lame
22:10	<TabAtkins>	Ah, there's even a note that the list omits box-shadow.
22:10	<Hixie>	you got any other ideas of what to animate? 'height' like AryehGregor suggested seems reasonable but hard to do properly since we can't animate to/from 'auto' and since the whole point of <details> is to change the height so UAs are probably already doing it.
22:11	<TabAtkins>	Hixie: Rotate the marker.
22:12	<Hixie>	isn't that something that UAs should do also?
22:12	<Hixie>	maybe i could animate the background or something
22:12	<Hixie>	fade in the details
22:12	<Hixie>	opacity, that might work
22:12	<annevk>	opacity:0 > 1
22:12	<annevk>	or the other way around
22:13	<annevk>	I always forget what is transparent
22:13	<Hixie>	i guess i have to animate a div inside it
22:13	<TabAtkins>	annevk: Fully opaque things aren't transparent.
22:15	<jgraham>	It can't be said too often: not being able to transition to auto height is lame
22:16	<TabAtkins>	Yus.
22:16	<jgraham>	Also, so is pizza with bearnaise sauce
22:17	<eighty4>	Sorry for the nick changes earlier
22:34	<Hixie>	TabAtkins: dude this don't work neither! http://software.hixie.ch/utilities/js/live-dom-viewer/saved/1106
22:35	<jamesr>	Hixie: that link tries to animate box-shadow
22:35	<Hixie>	no?
22:36	<Hixie>	details div { -webkit-transition: opacity 0.5s ease; opacity: 0; } details[open] div { box-shadow: black 0 0 1em; opacity: 1; }
22:36	<Hixie>	it has a shadow appear, sure
22:36	<Hixie>	but the opacity is what is changed dynamically
22:36	<jamesr>	ah, i see
22:37	<annevk>	prolly a bug?
22:37	<Hixie>	yeah i guess you just can't animate with <details> in webkit
22:37	<Hixie>	anyone else implement it?
22:38	<annevk>	don't think so
22:39	<Hixie>	my opera build won't load live dom viewer, wtf
22:51	<TabAtkins>	Hixie: Oh, actually, yeah, that's probably true. Our <details> impl is pretty hacky. I think we do some manual rendertree hacking, so it's not surprising if some things break.
23:20	<AryehGregor>	Sigh.
23:20	<AryehGregor>	So Apple wants the spec at the W3C, and people are in fact going to fork it if I don't publish it there.
23:20	<AryehGregor>	All right, I lose.
23:21	<AryehGregor>	Or at any rate, I give up. W3C it is.
23:21	<AryehGregor>	No arguing with major implementers.
23:22	<annevk>	offlist?
23:22	<annevk>	and does "fork" mean publish?
23:23	<annevk>	doesn't seem so bad to me
23:27	<TabAtkins>	Yeah, they'll do your work for you. ^_^
23:30	<annevk>	found the relevant bug
23:30	<annevk>	should get ourselves a pp
23:32	<annevk>	AryehGregor, also, have fun getting the WebApps WG recharter to take on that work item :p
23:45	<mercator>	Does HTML5 define somewhere how HTML tags are supposed to interact with context-sensitivity in Unicode characters?
23:45	<mercator>	I.e. http://stackoverflow.com/questions/7069247/css-formating-cursive-word-breaks-it
23:46	<TabAtkins>	mercator: That's a CSS issue, actually.
23:47	<Philip`>	I thought at least Firefox was able to apply colours to characters without breaking apart ligatures etc
23:48	<TabAtkins>	Should be able to, yes.
23:48	<Philip`>	My Firefox on Linux does do that with that example
23:48	<Philip`>	(Opera doesn't)
23:50	<mercator>	TabAtkins: Is it? It does mention things like right-to-left embedding. Isn't this similar? The actual CSS being applied doesn't really matter. Should a tag break ligatures?
23:51	<TabAtkins>	mercator: In general, the answer is no, it shouldn't. Whether or not implementations support it properly is a different question.
23:52	<annevk>	we don't define things in that detail
23:52	<annevk>	it's implementation quality atm
23:52	<annevk>	much like line-breaking
23:55	<mercator>	Hmmm, I suppose character selection in fonts is more CSS than HTML... And indeed, implementations are rather different.