| 00:02 | <jamesr___> | sapporo sounds way more interesting than san jose to me |
| 00:02 | <gsnedders> | To be fair, most places sound more interesting than San Jose |
| 00:14 | <ccardona-work> | i didn’t say that it San Jose was more interesting. I said that i was fortunate that at the time when I was studying web development in santa cruz the TPAC happened to be in San Jose which allowed Google to pay for me to go. |
| 00:14 | <ccardona-work> | i was able to meet a bunch of the WHATWG crew and i wouldn’t have been able to do that if it would have been in another country. |
| 00:20 | <gsnedders> | I like how the WHATWG people are always the "crew" |
| 00:20 | <gsnedders> | Is this some really common Americanism? |
| 00:40 | <tantek> | yes |
| 00:49 | <wanderview> | I think I heard the kids "squad" these days |
| 01:05 | <nox> | gsnedders: Used quite often in French hip hop too. :P |
| 01:06 | <MikeSmith> | gsnedders: looking at the invite-expert thing now |
| 01:09 | <MikeSmith> | gsnedders: done, afaict |
| 01:11 | <MikeSmith> | Apache project is so sad |
| 01:11 | <MikeSmith> | https://bz.apache.org/bugzilla/show_bug.cgi?id=47485#c20 |
| 01:12 | <MikeSmith> | *Apache Web Server Project |
| 01:13 | <MikeSmith> | dunno why anybody in their right mind actualy willingly chooses apache unless they have no other others for some reason |
| 01:18 | <tantek> | MikeSmith because they have legacy .htaccess httpd.conf they don't want to try to figure out for new web server software? |
| 01:19 | <MikeSmith> | tantek: yeah probably so in a lot of cases |
| 01:19 | <MikeSmith> | but that too is a sad reason |
| 01:19 | <gsnedders> | MikeSmith: https://www.w3.org/2004/01/pp-impl/40318/join still says "[not authorized to join]" |
| 01:19 | <tantek> | MikeSmith - serving HTTP is not portable across implementations |
| 01:20 | <tantek> | definitely a weakness in the overall web platform |
| 01:20 | <MikeSmith> | yeah |
| 01:21 | <MikeSmith> | gsnedders: my thing says "Geoffrey Sneddon's Invited Expert status... Geoffrey Sneddon is an invited expert without Member access... This person is currently allowed to participate in:" |
| 01:21 | <MikeSmith> | it all looks right |
| 01:22 | <gsnedders> | MikeSmith: um… |
| 01:22 | <gsnedders> | MikeSmith: uh |
| 01:22 | <gsnedders> | MikeSmith: I've never been able to get this to work since I ceased being an Opera rep, FWIW |
| 01:22 | <gsnedders> | MikeSmith: so I guess there's some bad state somewhere |
| 01:22 | <MikeSmith> | gsnedders: maybe I can get it resend it |
| 01:23 | <MikeSmith> | lemme check on stuff |
| 01:26 | <MikeSmith> | gsnedders: try the one I just sent now |
| 01:26 | <MikeSmith> | your inbox |
| 01:26 | <gsnedders> | MikeSmith: that works |
| 01:26 | <MikeSmith> | rock n roll |
| 01:26 | <gsnedders> | MikeSmith: and so does the HTML one now too |
| 01:26 | <MikeSmith> | oh |
| 01:27 | <MikeSmith> | ok well you can join both |
| 01:27 | <gsnedders> | don't I need chairs permission for webapps? |
| 01:28 | <MikeSmith> | well |
| 01:28 | <MikeSmith> | officially I guess you're supposed to |
| 01:28 | <MikeSmith> | so Art may ask me about it |
| 01:28 | <MikeSmith> | but Art is my pal and we can work it out either way |
| 01:29 | <gsnedders> | also, how do I control what email gets auto-subscribed to the list? is it the default email on my account? |
| 01:29 | <MikeSmith> | but as far as the system is concerned, you're already in |
| 01:29 | gsnedders | forgets how this works |
| 01:29 | <MikeSmith> | yes |
| 01:29 | <MikeSmith> | the WG lists are so-called "DB-backed" lists |
| 01:29 | <MikeSmith> | if you're in the WG, you can't un-subscribe from them |
| 01:30 | <MikeSmith> | the only way to get off the mailing list is to leave the WG |
| 01:30 | <MikeSmith> | ah yeah |
| 01:30 | gsnedders | wonders if he should keep with the separate email account for mailing lists nonsense |
| 01:30 | <gsnedders> | it made more sense when I cared about space |
| 01:30 | <gsnedders> | like, gigabytes of emails mattering |
| 01:31 | <MikeSmith> | yeah, it's your acount e-mail address and you can"t change it to another address |
| 01:31 | <MikeSmith> | boo hoo hoo (about gigabytes of e-mail) |
| 01:31 | <gsnedders> | I'd love if it were possible for change it to another address on your account, FWIW |
| 01:32 | <MikeSmith> | it may actually be but if so I don't know how |
| 01:32 | <MikeSmith> | if you send a message to sysreq⊙wo you can see |
| 01:32 | gsnedders | decides to kill off foolistbar⊙gc now space is cheap and he hasn't actually sent any email from that account in years |
| 01:32 | <MikeSmith> | doesn't hurt to ask |
| 01:33 | <gsnedders> | so it doesn't matter at all :P |
| 01:35 | <MikeSmith> | wanderview: as far as "crew" vs "squad" the coolest word is actually "set" |
| 01:36 | <gsnedders> | MikeSmith: interestingly I only got an email for joining the webapps, not the html wg |
| 01:37 | <gsnedders> | was I somehow sorta a member still of the html wg? weird |
| 01:37 | gsnedders | wonders whether he's attending plenary day |
| 01:37 | <gsnedders> | without MikeSmith around it doesn't seem worth it |
| 01:56 | <MikeSmith> | plenary day is usually fun |
| 01:56 | <MikeSmith> | they do it unconference-style now |
| 01:57 | <MikeSmith> | after tantek helped get it set up that way 2-3 years back |
| 01:57 | <MikeSmith> | so it can be genuinely productive and enlightening |
| 01:57 | <MikeSmith> | breakout sessions |
| 03:15 | <cvrebert> | Anyone care to confirm that I'm reading the maxlength part of the HTML spec right?: http://jsbin.com/xutife/1/edit?html,js,output |
| 03:19 | <cvrebert> | Because if yes, then Firefox and Edge are buggy |
| 05:47 | <MikeSmith> | mkwst: https://w3c.github.io/webappsec/specs/powerfulfeatures/#example-ba3d2b06 makes me wonder if maybe you should introduce the notion/terminology of something having become "tainted" |
| 05:47 | <MikeSmith> | (the case of Shared Worker shared with an insecure context) |
| 05:48 | <MikeSmith> | also, the example might benefit from titles |
| 05:48 | <MikeSmith> | e.g., Example 10: Shared Worker shared with an insecure context |
| 05:49 | <MikeSmith> | e.g., Example 9: Shared Worker shared only with secure contexts |
| 05:50 | <mkwst> | MikeSmith: annevk suggested something similar in a GitHub issue. I'm not sure it's worth the complexity. |
| 05:52 | <mkwst> | https://github.com/w3c/webappsec/issues/406. Feedback on that bug would be helpful. |
| 05:55 | MikeSmith | looks |
| 05:56 | <MikeSmith> | fair enough |
| 05:57 | <MikeSmith> | Progress Not Perfection |
| 06:03 | <cvrebert> | In the hope that either a Mozilla or HTML forms spec wonk is around: https://bugzil.la/1203844 |
| 06:07 | <annevk> | cvrebert: looks valid if it still applies in Nightly (haven't tested) |
| 06:07 | <annevk> | cvrebert: bugs in web standards you want to file against Core, not Firefox |
| 06:08 | <cvrebert> | annevk: tested in Dev Edition 42.0a2 |
| 06:10 | <cvrebert> | annevk: I've had mixed experiences with pre-triaging like that; never gotten a response to some of them |
| 06:11 | <annevk> | cvrebert: hmm yeah I guess sometimes you need to copy folks |
| 06:11 | <annevk> | cvrebert: so maybe I just ruined it for you, huh? |
| 06:12 | <annevk> | Wow, MikeSmith is hacking Pascal |
| 06:16 | <MikeSmith> | I seriously like this code |
| 06:16 | <MikeSmith> | the Wattsi code |
| 06:16 | <MikeSmith> | the change I made is trivial but I took an opportunity to explore some of the rest of it |
| 06:17 | <MikeSmith> | and it's pretty clever |
| 06:17 | <MikeSmith> | e.g., the html parser |
| 06:20 | <cvrebert> | annevk: yeah. well, hopefully setting is as a dependency of the html5forms bug just spammed someone relevant |
| 06:20 | <MikeSmith> | cvrebert: Mozilla is rumored to have a secret IRC server called irc.mozilla.org or something like that, and secret #developers or some such channel where the developers would probably hang out if such a thing did exist |
| 06:20 | <MikeSmith> | just sayin' |
| 06:20 | <annevk> | Bug tracking for large projects gets so complicated |
| 06:23 | <MikeSmith> | cvrebert: there's also a magic phrase I saw someone use once that has special power to get implementor attention for a bug report |
| 06:23 | <MikeSmith> | "I have now invested quite a lot effort into this bug, time has come for you to act." |
| 06:26 | <cvrebert> | MikeSmith: Ah, the ol' "insult them so they help you just to spite you" gambit. http://www.2ality.com/2012/09/getting-help-linux.html |
| 06:32 | <mkwst> | MikeSmith: I usually hear "I'm going to move to Firefox unless you fix this!" |
| 06:32 | <mkwst> | Totally effective, by the way. I drop whatever I'm doing, every time. |
| 06:37 | <annevk> | I guess the holidays are over |
| 06:37 | <annevk> | Waking up to 41 unread threads is new |
| 06:51 | <annevk> | Whoa, code for merging big5 and big5-hkscs just landed https://bugzilla.mozilla.org/show_bug.cgi?id=912470 |
| 06:51 | <annevk> | hsivonen++ |
| 06:55 | <mkwst> | annevk: Any thoughts on https://github.com/w3c/webappsec/issues/263, many months later? |
| 07:01 | <mkwst> | Do you still think something like `navigator.permissions.query({ name: "secureContext" })` is a good model? |
| 07:02 | <annevk> | mkwst: no |
| 07:03 | <annevk> | mkwst: I think ideally we just make secure contexts part of HTML |
| 07:03 | <annevk> | mkwst: but it's still not clear to me if we can do for shared workers and several other things what would be ideal from a security perspective |
| 07:04 | <annevk> | mkwst: to make the Bs cross-origin in the setup insecure A -> secure B and secure C -> secure B |
| 07:05 | <mkwst> | annevk: Yeah. It's just not clear to me that that's enough of a risk to inject a good deal of complexity into the origin concept (and implementation, etc). |
| 07:06 | <annevk> | mkwst: but if we're not doing that, doing ancestor checks seems rather phony |
| 07:06 | <mkwst> | That said, I kinda want to do something like that. rbarnes pointed me to the Containers concept that's floating around Mozilla. It would be nice to allow sites to opt into something like that. |
| 07:07 | <annevk> | mkwst: which is rather straightforwardly done in HTML, if the environment was created based on a response whose HTTPS state is authenticated, ... |
| 07:07 | <mkwst> | annevk: Really? It covers a good chunk of the badness, doesn't it? The case that it doesn't cover is when a new window pops up and uses a shared worker to proxy data to a frame with an insecure ancestor, that then pumps the data to the insecure ancestor. |
| 07:07 | <MikeSmith> | annevk: (or anybody) do you know what the holdup is on SW client.navigate()? |
| 07:07 | <annevk> | MikeSmith: maybe JakeA knows |
| 07:08 | <MikeSmith> | k |
| 07:08 | <annevk> | mkwst: maybe, both bz and bholley weren't very convinced |
| 07:08 | <MikeSmith> | JakeA: https://code.google.com/p/chromium/issues/detail?id=500911 seems to be stalled since late June |
| 07:08 | <annevk> | mkwst: and when it comes to this, you want them on board |
| 07:09 | <annevk> | mkwst: I don't think rbarnes has wrestled with that code much, but I could be mistaken |
| 07:09 | <mkwst> | annevk: I think bz was more concerned about the sloppy ancestor chain walking than the concept. That was my read of https://lists.w3.org/Archives/Public/public-webappsec/2015Jul/0033.html. |
| 07:10 | <mkwst> | For clarity, the containers thing is a separate topic entirely. Related tangentially, but distinct from this conversation. |
| 07:11 | <annevk> | mkwst: I guess, maybe it just irks me that's it not properly grounded |
| 07:11 | <mkwst> | It's not clear what "properly grounded" means. :) |
| 07:12 | <annevk> | mkwst: once you start checking lists for bits you lose, basically, security-wise |
| 07:12 | <annevk> | mkwst: https://en.wikipedia.org/wiki/Ambient_authority |
| 07:13 | <annevk> | mkwst: at some point CORS had a thing where each redirect appended something to the Origin header and the server had to approve them all |
| 07:13 | <annevk> | mkwst: Mark Miller kinda destroyed that |
| 07:14 | <JakeA> | MikeSmith: ohhh, that was in Canary last I checked |
| 07:15 | <JakeA> | MikeSmith: ah, so it's blocked on security review. I'll chase it |
| 07:17 | <mkwst> | annevk: Pushing a taint bit down to each context is certainly doable. |
| 07:18 | <annevk> | mkwst: I think you misunderstood |
| 07:19 | <mkwst> | Enlighten me. :) |
| 07:19 | <annevk> | mkwst: I guess what I'm saying is that if this doesn't become a new type of origin, it's not grounded |
| 07:19 | <annevk> | mkwst: and just some additional checks to make things difficult |
| 07:21 | <mkwst> | We didn't change the origin concept for mixed content. Or certificate changes. Cookies continue to span across everything on an eTLD+1. |
| 07:21 | <mkwst> | I think that anything we do here will be "additional checks to make things difficult". |
| 07:22 | <mkwst> | For instance: if I can pop up a new window, I don't need the shared worker, as the frame and the window can communicate directly via `window.opener` or indirectly via `postMessage`. |
| 07:22 | <mkwst> | Splitting the origin prevents them from communicating via `localStorage` as well, but I'm not sure it does much more than that. |
| 07:27 | <annevk> | BroadcastChannel would stop working |
| 07:28 | <annevk> | Mixed Content was a mistake we're trying to fix, that's different |
| 07:28 | <annevk> | If we were to introduce HTTPS today, we wouldn't have Mixed Content |
| 07:28 | <annevk> | Same for eTLD+1 |
| 07:30 | <mkwst> | (I've never heard of BroadcastChannel... guess I need to skim the spec?) |
| 07:31 | <annevk> | mkwst: it allows same-origin environments to communicate |
| 07:32 | <mkwst> | Interesting. Why do we need that? |
| 07:34 | <annevk> | mkwst: folks were abusing localStorage's storage events for it... it's an alternative to shared workers, which we were hoping folks would use |
| 07:34 | <MikeSmith> | heycam|away: if you care to comment https://github.com/whatwg/html/pull/137 |
| 07:35 | <MikeSmith> | JakeA: thanks! |
| 07:36 | <mkwst> | Apparently https://crbug.com/161070 |
| 07:36 | <mkwst> | Filed in 2012, worked on briefly in 2014, no one's on it right now. |
| 07:38 | <MikeSmith> | what's the +1 in eTLD+1 for? |
| 07:38 | <mkwst> | effective top level domain of `yay.appspot.com` is `appspot.com`. |
| 07:38 | <MikeSmith> | yeah that part I know |
| 07:38 | <MikeSmith> | oh |
| 07:38 | <mkwst> | eTLD+1 is `yay.appspot.com`, which is the first bit that you can set cookies on, etc. |
| 07:38 | <MikeSmith> | I see |
| 07:38 | <MikeSmith> | yeah |
| 07:39 | <mkwst> | +1 label. |
| 07:39 | <MikeSmith> | Yeah I could have figured that out if I had thought about it for a few seconds instead of asking |
| 07:39 | <MikeSmith> | thanks |
| 07:45 | <MikeSmith> | https://github.com/whatwg/html/blob/03aaf5e2f7e2af9663819556baa275ea38758295/images/asyncdefer.svg is another good diagram |
| 07:47 | <annevk> | I want a term for eTLD+1, I was thinking "site" but a URL's site just seems rather wrong |
| 07:48 | <annevk> | That's one of the things blocking a more formal definition of public suffixes in URL |
| 07:49 | <mkwst> | "registerable domain"? |
| 07:50 | <annevk> | mkwst: doesn't make sense for github.io |
| 07:50 | <annevk> | well maybe it does a bit for that one |
| 07:50 | <mkwst> | Sure it does. GitHub is the registrar, and hands out assignments based on usernames. |
| 07:52 | <annevk> | I guess it might be true for all of them, but in theory you could have a company that just wants defense-in-depth and applies for it therefore |
| 07:53 | <mkwst> | Sure. It's still the registrar. |
| 07:54 | <mkwst> | Just like Google is the registrar for `.google`. |
| 07:54 | <mkwst> | "registerable" doesn't mean "publicly registerable". |
| 09:25 | <annevk> | mkwst: I see a PR to the URL standard in your future :-P |
| 09:31 | <mkwst> | `git clone everything-that-anne-works-on` |
| 09:35 | <mkwst> | annevk: Where do you want it? "A URL's host is a registerable domain if blah blah labels blah blah publicsuffix.org blah." + "A URL is registerable if its host is a registerable domain."? |
| 09:37 | <annevk> | mkwst: perhaps it should be part of https://url.spec.whatwg.org/#hosts-%28domains-and-ip-addresses%29? |
| 09:37 | <mkwst> | Yeah. That's where I'm putting the first part. I guess we don't need the second part. |
| 09:38 | <annevk> | mkwst: note https://www.w3.org/Bugs/Public/show_bug.cgi?id=25865 in particular |
| 09:38 | <annevk> | mkwst: also, I haven't studied the cookie RFC and document.domain closely enough to know what hooks they would need to drop the direct dependency on publicsuffix |
| 09:38 | <annevk> | mkwst: we'd want to make sure this fix addresses that |
| 09:39 | <mkwst> | I'm poking at the Cookie RFC somewhat unwillingly already, so, yeah. `document.domain` just says something like "If value is a public suffix, reject." |
| 09:42 | <mkwst> | https://html.spec.whatwg.org/multipage/browsers.html#dom-document-domain step 4.3 |
| 09:47 | <annevk> | mkwst: yeah, we could make that "if new value is not a registrable domain, throw" |
| 09:48 | <annevk> | mkwst: btw, it's registrable according to G, not registerable |
| 09:48 | <annevk> | registerrible |
| 09:49 | <mkwst> | Whatever. It's whatever we say it is. Referer, for instance. |
| 09:52 | <annevk> | I'll redefine you as Mike East, PR coming up |
| 10:01 | <mkwst> | If you find my spec, _please_ let me know. I'm so confused about so many things. :) |
| 10:26 | <jgraham> | mkwst: Have you read specs recently? "confused about many things" is their default state |
| 10:48 | <MikeSmith> | annevk: about https://github.com/whatwg/html-build/issues/26#issuecomment-139465986 what happened? |
| 10:57 | <annevk> | MikeSmith: so Domenic tried to pull in my PR and apply it, but due to my PR not being rebased it got lost since he didn't have history |
| 10:57 | <MikeSmith> | ah |
| 10:58 | <MikeSmith> | so that's fixable |
| 10:58 | <MikeSmith> | when contributors get to the point that they have a branch ready to merge, we can tell them how to do it |
| 10:59 | <MikeSmith> | or we just do it |
| 10:59 | <annevk> | MikeSmith: well, Domenic tried to merge my thing but it got messed up since his local repo was not complete |
| 10:59 | <MikeSmith> | OK |
| 10:59 | <annevk> | MikeSmith: so I guess it's mainly a problem for any "team" folks if they use that setup |
| 11:00 | <MikeSmith> | yeah |
| 11:00 | <MikeSmith> | we need to document it in TEAM.md |
| 11:00 | <MikeSmith> | anyway I figured out a fix to a different problem that Domenic reported yesterday |
| 11:00 | <MikeSmith> | which is the the --depth 1 thing left him unable to get any other branches |
| 11:00 | <jgraham> | Having an incomplete local checkout just seems like it's asking for things to be more complicated than necessary |
| 11:02 | <MikeSmith> | jgraham: well the alternative is that first time every new contributor who doesn't already have a repo shows up, they have to sit for a long time waiting for the build to clone the entire history |
| 11:02 | <MikeSmith> | but I agree with you |
| 11:02 | <MikeSmith> | it's just, we will need to get the contributors to actually clone the whole history eventually |
| 11:03 | <MikeSmith> | just not the very first moment they try to get their environment set up |
| 11:05 | <jgraham> | Depends how long that actually takes I guess |
| 11:05 | <MikeSmith> | long |
| 11:05 | <MikeSmith> | too long |
| 11:06 | <MikeSmith> | it gets to around 24% and sorta hangs there every time |
| 11:07 | <MikeSmith> | why, I don't know, but it's 100% reproducbile |
| 11:07 | <MikeSmith> | and then it crawls along for a long time after that before it completes |
| 11:09 | <MikeSmith> | real 3m0.134s |
| 11:09 | <MikeSmith> | just tried it |
| 11:09 | <MikeSmith> | and that is over a ~100Mbs data connection |
| 11:09 | <jgraham> | MikeSmith: Pretty sure that Hixie added something big around commit 0.24 * 9000 |
| 11:09 | <MikeSmith> | yeah I figured he must have |
| 11:09 | <MikeSmith> | oh I bet I know |
| 11:09 | <annevk> | We could just say it'll take a long time |
| 11:10 | <annevk> | I think that's better than ending up with half-working repos |
| 11:10 | <MikeSmith> | that's when he first added the class=impl stuff I bet |
| 11:10 | <jgraham> | So, based on the fact that I have worked with chromium, gecko and (shudder) B2G, 3 minutes for a clone is not a long time ;) |
| 11:11 | <MikeSmith> | annevk: I'm happy to do whatever we get agreement on, but I seriously think we should wait to worry about it until we have contributors show up and if we get actuall evidence that it's causing problems |
| 11:12 | <jgraham> | MikeSmith: My bias, which is worth very little here, is to tell people to do the most normal thing possible until people show up and start indicating that that causes a problem |
| 11:12 | <MikeSmith> | I would rather not preemptively try to avoid problems we don't have evidence we're gonna actually have |
| 11:13 | <MikeSmith> | jgraham: the problem I see with that plan is that they may give up and quit before they actually ever get started |
| 11:13 | <MikeSmith> | we put a lot of thought and time into trying to make the initial build as easy as possible for people |
| 11:13 | <jgraham> | If your commitment to the cause doesn't extend to waiting three minutes for a clone it doesn't seem like you are going to have a great time |
| 11:14 | <MikeSmith> | it would suck if we end up making it take 10 minuts or more for normal people to first try it |
| 11:14 | <jgraham> | I mean for a typo fix or whatever you don't need to make a clone at all, just use the GH UI |
| 11:14 | <mkwst> | jgraham: Does the GH UI work for a million line file? |
| 11:14 | <mkwst> | I suspect it falls down and dies. |
| 11:14 | <MikeSmith> | I wish sometime we would try a bit to think like normal people instead of self-selecting the way that works best for us |
| 11:15 | <mkwst> | MikeSmith: Normal people don't read the HTML spec. |
| 11:15 | <MikeSmith> | they do actually |
| 11:15 | <jgraham> | MikeSmith: My "thinking like normal people" mode tells me that normal people won't read the instructions |
| 11:15 | <MikeSmith> | for better or worse, they actually do |
| 11:15 | <jgraham> | they will try to do a clone in the way that they clone every other repo |
| 11:15 | <jgraham> | and then expect their normal repitiore of git knowledge to work |
| 11:16 | <MikeSmith> | that's the thing |
| 11:16 | <MikeSmith> | this is not from instructions |
| 11:16 | <MikeSmith> | the build does it automatically |
| 11:16 | <MikeSmith> | the git clone call |
| 11:17 | <jgraham> | mkwst: Seems it doesn't. That's annoying |
| 11:17 | <MikeSmith> | anyway, in the end I'm happy to make it do whatever we decide |
| 11:18 | <nox> | mkwst: You mean we aren't normal? |
| 11:18 | <MikeSmith> | but I would just like the decision to be based on some kind of evidence rather than on opinions |
| 11:18 | <nox> | 13:15 <jgraham> MikeSmith: My "thinking like normal people" mode tells me that normal people won't read the instructions |
| 11:18 | <nox> | jgraham: I know how to save the Web, thanks to you. |
| 11:18 | <mkwst> | nox: _You_, of course, are normal. It's the rest of us. |
| 11:18 | <MikeSmith> | heh |
| 11:18 | <nox> | jgraham: When do we get Ikea in WHATWG? |
| 11:18 | <nox> | They should be the ones write the instructions! |
| 11:18 | <nox> | writing* |
| 11:19 | <MikeSmith> | "Please leave your sense of normalness at the door." |
| 11:19 | <jgraham> | We should replace specs with little pictoral diagrams of people trying to build a web browser |
| 11:20 | <jgraham> | "assembley will require dozens of people and about 10 years" |
| 11:20 | <MikeSmith> | :) |
| 11:20 | <nox> | jgraham: "578,567,543,154,102 pieces" |
| 11:46 | <annevk> | mkwst: only 120k lines or so |
| 11:48 | <mkwst> | annevk: close enough. |
| 11:48 | <annevk> | hah |
| 12:09 | <annevk> | So editing HTML makes TextWrangler a bit sluggish at times, anyone know if that can be improved? |
| 12:09 | <mkwst> | Use vim. |
| 12:09 | <gsnedders> | Use emacs. |
| 12:09 | <mkwst> | :P |
| 12:10 | <gsnedders> | Damnit, mkwst, you're too fast! |
| 12:10 | <mkwst> | Fewer characters. |
| 12:10 | <gsnedders> | Bah, real men use ed! |
| 12:10 | <annevk> | Hmm, if I turn off syntax highlighting for the document... |
| 12:13 | <mkwst> | Then your document will be black and white and boring. |
| 12:15 | <nox> | annevk: Long lines, maybe? |
| 12:15 | <nox> | If TextWrangler is as well-coded as Atom, I mean. |
| 12:23 | <nerocode> | Q&A peeps: why most web designers do their project in mac, not in pc? |
| 12:24 | <Ms2ger> | They don't |
| 12:25 | <jgraham> | Or at least [citation needed] |
| 13:16 | <annevk> | Oh wow, SVGSVGElement. They couldn't even copy the convention from HTMLHtmlElement |
| 13:30 | <gsnedders> | nerocode: conjecture: the Mac-only browsers are harder to test than the Windows-only browsers (there are free VMs for IE, there are no VMs for Safari) |
| 13:32 | <wanderview> | annevk: do you remember what we said in july about what to do with marking bodyUsed when the body is null vs empty? |
| 13:32 | <wanderview> | I'm having a hard time deciphering our final decision from https://etherpad.mozilla.org/streams-f2f-july |
| 13:33 | <annevk> | bodyUsed returns IsDisturbed(stream) || used flag |
| 13:33 | <annevk> | - used flag is only relevant when you transfer body to another request (via new Request(otherRequest)). (This can't be done for responses.) |
| 13:33 | <annevk> | wanderview: I think that's the relevant bit |
| 13:34 | <wanderview> | annevk: and we want to make bodyUsed true if you read an empty stream, but not true if the body is null? |
| 13:35 | <annevk> | wanderview: when body is null there's no stream to be disturbed |
| 13:35 | <wanderview> | right |
| 13:35 | <annevk> | wanderview: so yes, only empty stream |
| 13:52 | <wanderview> | thanks |
| 14:10 | <wanderview> | Domenic: annevk: what is wrong with requiring H2 if fetch is only going to be used with "the modern web"> |
| 14:10 | <wanderview> | ? |
| 14:40 | <annevk> | wanderview: it's weird |
| 14:41 | <wanderview> | annevk: whats weird now? |
| 14:41 | <annevk> | wanderview: and I don't understand the reasoning |
| 14:42 | <wanderview> | oh, my question... I already gave in on the gh issue |
| 14:42 | <annevk> | okay |
| 15:19 | <gsnedders> | bah, no zcorpan or any other current Opera person around |
| 15:19 | <gsnedders> | how am I meant to work out what this crazy test is doing?! |
| 15:23 | <jgraham> | hallvors: Aren't "Opera" and "crazy test" some sort of bat signal for you? |
| 15:24 | <gsnedders> | He doesn't have SVN access to work out the history of the test, which I think is what will make it easy to understand. |
| 15:25 | <jgraham> | He might have brain history that does the same thing |
| 15:25 | <gsnedders> | Though I did just install Opera 12 to try running tests there. Gee, the UI is even worse than I remember on OS X. |
| 15:51 | <annevk> | gsnedders: philipj is in the channel... not sure about around |
| 15:54 | <ytrezq> | Hello, I have someone claiming that the javascript: scheme is only to be used in the navbar and with <a> <frame> <iframe>. However I’ve unable to found reference to support this, or more exactly,all I found is an expired ɪᴇᴛꜰ draft that didn’t told anything about this. |
| 15:56 | <ytrezq> | May some please give a link to standard or recommendation please ? |
| 15:56 | <ytrezq> | May some please give a link to the relevant standard or recommendation please ? |
| 16:05 | <annevk> | ytrezq: https://whatwg.org/html |
| 16:06 | <annevk> | ytrezq: https://html.spec.whatwg.org/multipage/browsers.html#javascript-protocol is the specific reference |
| 16:07 | <annevk> | ytrezq: anywhere else javascript: is an unknown scheme and treated the same as a network error |
| 16:22 | <ytrezq> | annevk: thank you looks likes he was partly wrong by saying he saw it on w3c.org |
| 16:36 | <ytrezq> | annevk: but I still don’t see where this behaviour is written |
| 16:40 | <annevk> | ytrezq: W3C copies our work, so you can likely find it there too |
| 16:42 | <ytrezq> | abarth: no, I mean I still don’t see/understand where is the explained behaviour on https://html.spec.whatwg.org/multipage/browsers.html#javascript-protocol |
| 16:42 | <ytrezq> | (It’s true I also would like the ᴡ3ᴄ reference) |
| 16:43 | <ytrezq> | (probably need to be quoted here) |
| 16:45 | <ytrezq> | sorry abarth wanted to wrote annevk |
| 16:46 | <annevk> | ytrezq: well, that is the navigate algorithm, there's only a couple of elements that can cause that to be invoked, which automatically limits where you can use javascript successfully |
| 16:47 | <annevk> | ytrezq: anyway, I'd recommend to avoid javascript:, the only reason it's in the spec at all is because we cannot break the web |
| 16:48 | <ytrezq> | annevk: Yes I know. |
| 16:48 | <ytrezq> | the point was about allowing data: and javascript: scheme for the longdesc attribute |
| 16:49 | <ytrezq> | the longdesc attribute seems to behave like <a> |
| 16:49 | <ytrezq> | (if implemented via a click in the context menu) |
| 16:50 | <ytrezq> | %R Per that spec, it should only work in <a>, <frame>, and <iframe> (and notably not <object>; we just haven't gotten around to removing it there yet).%O |
| 16:51 | <ytrezq> | %R“ Per that spec, it should only work in <a>, <frame>, and <iframe> (and notably not <object>; we just haven't gotten around to removing it there yet).”%O |
| 16:52 | <annevk> | ytrezq: longdesc is obsolete, any implementation that supports it is wrong |
| 16:53 | <ytrezq> | even for html version4 ? |
| 16:53 | <annevk> | ytrezq: HTML doesn't have versions |
| 16:53 | <ytrezq> | ok html4 then |
| 16:53 | <annevk> | ytrezq: HTML4 is obsolete |
| 16:55 | <annevk> | Which reminds me, I should replace HTML5 with HTML in https://annevankesteren.nl/2007/04/html-red-pill I guess |
| 16:56 | <ytrezq> | thank you |
| 16:57 | annevk | strikes it to preserve history |
| 16:59 | <ytrezq> | And sorry for insisting, but how would the <embed> element violate the Origin Policy of the algorithm (can’t see how it is forbidden) |
| 17:00 | <annevk> | ytrezq: are you asking why <embed> wouldn't support javascript URLs? |
| 17:01 | <ytrezq> | ehmmm yes… |
| 17:01 | <ytrezq> | ehmmm yes I do… |
| 17:01 | <annevk> | ytrezq: well, <embed> doesn't use navigate |
| 17:01 | <annevk> | ytrezq: it fetches the resource itself, and fetching javascript URLs results in a network error |
| 17:02 | <annevk> | ytrezq: javascript URLs not working is not really related to the same-origin policy |
| 17:02 | <annevk> | ytrezq: <object> is similar to <embed> in that respect, btw |
| 17:04 | <ytrezq> | “doesn't use navigate” I still not understand what navigate is (or at least it’s concept). |
| 17:04 | <annevk> | ytrezq: it's an algorithm that describes how user agents navigate browsing contexts |
| 17:05 | <ytrezq> | ok |
| 17:05 | <annevk> | ytrezq: browsing contexts are what you see in e.g., a browser, and can be nested through <frame> and <iframe> and such |
| 17:06 | <annevk> | ytrezq: the link I gave you earlier points to a step in the navigate algorithm, it's quite long |
| 17:09 | <ytrezq> | So I guess only <iframe> <frame> and <a> use it ?(removing here other attributes are obsolete) |
| 17:11 | <annevk> | ytrezq: yeah, that seems about right, there's a bunch of other features that tie into navigate as well of course, but that's mostly script |
| 17:12 | <ytrezq> | I’m talking about ʜᴛᴍʟ ones |
| 17:12 | <annevk> | ytrezq: <area> too |
| 17:12 | <annevk> | ytrezq: and <form action> maybe |
| 17:13 | <annevk> | ytrezq: HTML is a tad ambiguous, since the standard defines many APIs too, but I suppose you just mean the markup bits |
| 17:14 | <ytrezq> | <input> ? |
| 17:15 | <annevk> | ytrezq: why would <input> use navigate? |
| 17:16 | <ytrezq> | it can take an src attribute |
| 17:17 | <annevk> | ytrezq: there's lots of elements that can fetch resources |
| 17:17 | <annevk> | ytrezq: has nothing to do with navigate |
| 17:18 | <annevk> | anyway, hopefully someone else can help you out further, taking a break |
| 17:25 | <ytrezq> | annevk: no not that much <applet> <base><head> <img> <ins> <audio> <audio> <button> <command> <html> <source> <video> <meta> <link> |
| 17:25 | <ytrezq> | annevk: no not that much <applet> <base><head> <img> <ins> <audio> <button> <command> <html> <source> <video> <meta> <link> |
| 17:27 | <jsbell> | Any mozillians about who have opinions on http://w3c.github.io/filesystem-api/ ? |
| 17:28 | <Ms2ger> | jsbell, did you ever submit those timing tests to wpt? |
| 17:29 | <jsbell> | Ms2ger: The microtasks vs. tasks ones? No... trying to find the gist or whatever I dumped them in now... |
| 17:30 | <jsbell> | Oh, yes, https://gist.github.com/inexorabletash/9bf9ff9c0c62c4bc814f - because gists are indexed by name of first file, not title. :P |
| 17:34 | <jsbell> | Ms2ger: Suggestion for a directory? (or you could do it, since you'll get all the <meta> tags right the first time etc) |
| 17:35 | <jgraham> | <meta> tags? |
| 17:35 | <jgraham> | Or are these reftests? |
| 17:35 | <jsbell> | or link or whatever |
| 17:35 | <jsbell> | see, this is why I shouldn't do it. :) |
| 17:36 | <jgraham> | My point is that unless they're reftests you shouldn't need to do much of anything |
| 17:36 | <jsbell> | heh. Well, suggest a directory. naming is hard |
| 17:36 | <jgraham> | I have no idea what these tests are :) |
| 17:36 | <jgraham> | Which spec? |
| 17:37 | gsnedders | wonders what the odds of dropping XPathEvaluator etc. are… |
| 17:37 | <jgraham> | jsbell: And re: filesystem api I guess you maybe want sicking? |
| 17:38 | <jsbell> | jgraham: I guess technically html - https://html.spec.whatwg.org/#processing-model-9 |
| 17:38 | <jsbell> | jgraham: sorry, not multipage, don't click that. :P |
| 17:39 | <gsnedders> | somewhere in the html directory, then :P |
| 17:39 | <gsnedders> | I would find where exactly, but that'd mean reopening the spec which I just closed |
| 17:40 | <jsbell> | okay, sensible answers, I'm good |
| 17:42 | <jgraham> | jsbell: There's a system! |
| 17:42 | <jgraham> | directories are named after the id of the section headings |
| 17:42 | <jsbell> | yeah, yeah, got it now. :) |
| 17:43 | <jgraham> | html/webappapis/scripting/event-loops sounds about right |
| 17:44 | <jsbell> | yep, working on the patch now |
| 17:44 | <jgraham> | jsbell++ |
| 17:46 | <Ms2ger> | jsbell++ |
| 17:46 | <Ms2ger> | (Sorry, was afk baking cookies) |
| 17:46 | <jsbell> | ERR_OVERFLOW |
| 17:46 | <jsbell> | yummy, afk to find cookies |
| 17:56 | <Domenic> | gsnedders: not great, see stats quoted in https://github.com/whatwg/dom/issues/67 |
| 17:57 | <gsnedders> | Domenic: k, that's what I thought |
| 18:05 | <nox> | XPath! So many memories. |
| 18:05 | <jsbell> | Ms2ger, jgraham: https://critic.hoppipolla.co.uk/r/5799 |
| 18:09 | <jgraham> | jsbell: Awesome |
| 19:27 | <ccardona-work> | Good morning WHATWG crew! o/ |
| 19:32 | <TabAtkins> | ccardona-work: Morning, Carlos. ^_^ |
| 19:32 | <ccardona-work> | hey tab. Long time no chat. I hope all is well w/ you. |
| 23:48 | <Krinkle> | Could I have an account on the whatwg wiki? |
