2008-10-01 [17:03:00.0000] hixiehttp://anolis.hoppipolla.co.uk/ [17:03:01.0000] Er, let's try that again [17:03:02.0000] Hixie, gsnedders: http://anolis.hoppipolla.co.uk/ [17:04:00.0000] That domain name is not stable [17:04:01.0000] (i.e. I might change it later) [18:22:00.0000] Hi everyone [18:23:00.0000] hey [18:24:00.0000] it's good to be able to have internet again, anything interesting happen with the spec over the past week? [18:25:00.0000] oh crap, my whatwg and public-html folders are up to 800 unread emails :-( [18:25:01.0000] hah [18:26:00.0000] jgraham: shoul i see something at http://anolis.hoppipolla.co.uk/ ? [18:27:00.0000] http://anolis.hoppipolla.co.uk/?url=http://www.whatwg.org/specs/web-apps/current-work/source-whatwg seems very slow [18:27:01.0000] I'm officially on holidays this week, so I should have time to catch up. The conference was quite good last week [18:27:02.0000] which conference? [18:28:00.0000] Web Directions South [18:28:01.0000] ah [18:28:02.0000] the one I came to Australia for [18:28:03.0000] right [18:29:00.0000] any interesting things happen there? [18:29:01.0000] MikeSmith's HTML5 presentation was quite good [18:30:00.0000] annevk2, I recorded 2 more episodes for standards suck [18:30:01.0000] I'll send them to marcos soon [18:32:00.0000] Am I correct reading the spec that there's no way to query a canvas for its transformation matrix? [18:32:01.0000] yes [18:33:00.0000] thanks, making sure before I go try and maintain that info myself [18:40:00.0000] I think it would be cool if HTML 5 had a texpath() method like nodebox's ( http://nodebox.net/code/index.php/Reference_|_textpath() ), and I've implemented a Java applet that does text rendering and will let me play with hypothetical APIs for it ( http://github.com/llimllib/javatext ). Is this a thing that could hypothetically make the spec someday? Is there any interest in such a thing? [18:41:00.0000] yeah there's a plan to eventually have path objects [18:41:01.0000] nice [18:41:02.0000] once we have that we'll be able to render text on path objects and convert the result to path objects, etc [18:41:03.0000] I implemented it because I've got half of a nodebox reimplementation in javascript, and I need textpath() [18:42:00.0000] cool [18:42:01.0000] I genuinely don't understand chaal's belief that if you want to extract SVG from HTML you might not need an HTML parser, or that the SVG WG's proposal would be better than the commented-out one for implementation... [18:45:00.0000] where should I go to find what's already been written about path objects? [18:46:00.0000] I'd like to catch myself up, if possible [18:47:00.0000] takkaria: his claim that Opera's core engine team thinks the SVG WG proposal is easier to implement kinda makes me want to get independent verification [18:47:01.0000] I'm not aware of anything that has been written, other than people saying the phrase "path objects" sound like a good idea [18:48:00.0000] fair enough [18:50:00.0000] I think text on a path is best added to CSS [18:50:01.0000] you shouldn't be forced to make your text impossible to select, copy, or search just to make it flow along a path [18:51:00.0000] My interest is in things like this: http://nodebox.net/code/index.php/LetterKnitter ; at some point it's not necessarily valuable as selected text [18:53:00.0000] How do you select text that's not in rows anyway? How would you select text that followed a circular path around a block of text in the middle, but not the text in the middle? Is that the behavior you want? 
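Since canvas at this point offers no way to read the current transformation matrix back, a script that needs it has to mirror every translate/rotate/scale call itself, as discussed above. A minimal sketch of that bookkeeping, in Python purely for illustration; the TransformTracker helper and its method names are hypothetical and not part of any API:

    import math

    def multiply(a, b):
        """Multiply two 3x3 affine matrices stored as row-major nested lists."""
        return [[sum(a[i][k] * b[k][j] for k in range(3)) for j in range(3)]
                for i in range(3)]

    class TransformTracker:
        """Mirrors canvas-style transform calls so the current matrix can be
        read back at any time (hypothetical helper)."""
        def __init__(self):
            self.matrix = [[1, 0, 0], [0, 1, 0], [0, 0, 1]]  # identity

        def translate(self, tx, ty):
            self.matrix = multiply(self.matrix, [[1, 0, tx], [0, 1, ty], [0, 0, 1]])

        def rotate(self, angle):
            c, s = math.cos(angle), math.sin(angle)
            self.matrix = multiply(self.matrix, [[c, -s, 0], [s, c, 0], [0, 0, 1]])

        def scale(self, sx, sy):
            self.matrix = multiply(self.matrix, [[sx, 0, 0], [0, sy, 0], [0, 0, 1]])

The composition order (current matrix post-multiplied by each new transform) matches what the canvas context applies internally, so the mirrored matrix stays in sync as long as every transform call also goes through the tracker.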
[19:08:00.0000] llimllib: nothing is written about it yet as far as i know [19:08:01.0000] certainly on the whole we want to encourage text to be in css [19:08:02.0000] er [19:08:03.0000] html [19:08:04.0000] styled with css [19:09:00.0000] certainly [19:13:00.0000] currently, the ability to save a canvas creates a clean separation between text in canvas and text outside, AFAICS. Should there be text which is both styled with CSS and able to be saved with getImageData? [19:21:00.0000] jgraham: sweet, your script seems the fastest [19:24:00.0000] /me sets up his script so it runs anne's, jgraham's, and bert's, and uses whichever one returns first [19:38:00.0000] redundancy ftw [19:49:00.0000] jgraham, gsnedders: looks like anolis does some bad things [19:49:01.0000] probably due to using libxml2's serialiser [19:50:00.0000] it sticks a lot of newlines in unexpected places [19:50:01.0000] e.g. before and [19:50:02.0000] or around blocks [19:50:03.0000] it totally screws up idl blocks [19:51:00.0000] hmm, I should really work on hubbub sorted so we can make a release and anolis can use it [19:52:00.0000] that'd be awesome [19:53:00.0000] jgraham, gsnedders: http://www.whatwg.org/specs/web-apps/current-work/anolis-generated-index [19:53:01.0000] i can't use that :-) [20:11:00.0000] wow, a local camera store quoted me over $100 to repair a battery cover on my digital camera, but getting the part directly from the Kodak supplier and fixing it myself will only cost $5.50 [21:22:00.0000] I'm not part of the 2001 Web [21:45:00.0000] me neither :( [02:22:00.0000] http://stackoverflow.com/questions/tagged/html5 might develop into a feed worth following for tracking HTML5 questions outside the WGs [02:26:00.0000] hsivonen: wonder if it's worth adding it to Planet HTML5 now [02:27:00.0000] MikeSmith: insufficient data to tell yet. not much harm in trying, though [02:38:00.0000] hsivonen: i have a (broken and not optimized at all) serializer for SDF in javascript [02:38:01.0000] or maybe it was just a parser [02:40:00.0000] annevk2: fixed, thanks [02:41:00.0000] zcorpan: wrting a SAX parser for SDF might indeed be the thing to try. [02:41:01.0000] /me still thinks SDF is unsuitable since it doesn't scale linearly [02:41:02.0000] i'm sure it's possible to come up with a better format [02:42:00.0000] SDF was a quick hack for what i needed at the time [02:42:01.0000] zcorpan: btw, SDF doesn't have a default for the namespace on attribute nodes [02:42:02.0000] hsivonen: isn't it the empty string? [02:42:03.0000] zcorpan: ah. right [02:43:00.0000] I was merely comparing the definitions of e and a [02:43:01.0000] error handling isn't defined for sdf :( [02:44:00.0000] assuming the error handling i had in my parser it's not particularly extensible [02:45:00.0000] (it just assumed it was correct and skipped past expected stuff without looking) [02:50:00.0000] Hixie: I just fixed a couple of things at anolis.hoppipolla.co.uk (it now displays a front page and doesn't excess whiespae in the source) [02:50:01.0000] /me tries again [02:51:00.0000] It uses the html5lib serializer by the way [02:51:01.0000] So it's pretty easy to change the serialization code or options [02:52:00.0000] hsivonen: "Warning: Overriding document character encoding from utf-8 to UTF-8." [02:53:00.0000] what happened to the spaces in the ? [02:53:01.0000] and between the and the
? [02:54:00.0000] zcorpan: thanks [02:54:01.0000] also, any chance of it outputting entities instead of utf-8? the w3c has a bad habit of screwing up encoding declarations. [02:55:00.0000] Hixie: isn't that something the W3C should fix [02:55:01.0000] if the W3C can't get it right, the future with all the random joes out there looks bad [02:55:02.0000] yes but realistically i don't give that much of a chance and it's really not something i want to worry about [02:56:00.0000] jgraham: a lot of "unimportant" spaces get removed that make the source somewhat more messy, is that fixable? [02:57:00.0000] Hixie: Possibly. [02:57:01.0000] /me needs to look at the serializer again [02:57:02.0000] might be libxml2's fault, i dunno [02:58:00.0000] it's certainly much better than before [02:58:01.0000] wtf does "Anolis ALPHABETA" do ? [02:59:00.0000] generates the spec [02:59:01.0000] from what ? [03:00:00.0000] it generates http://www.whatwg.org/specs/web-apps/current-work/index from http://www.whatwg.org/specs/web-apps/current-work/source [03:00:01.0000] jgraham: Tell it to output ASCII, I think [03:00:02.0000] jgraham: serializer.serialize(tokens, encoding='us-ascii') seems to make it do everything with entities [03:01:00.0000] Hixie: so its essentially XSL ? [03:01:01.0000] in the same sense that C++ is essentially XSL, yes [03:01:02.0000] hrhr [03:02:00.0000] or rather, that the C++ preprocessor is XSL [03:17:00.0000] Hixie: the whatwg twitter account has some odd tweets at times [03:18:00.0000] yes, anyone can tweet on it at whatwg.org [03:20:00.0000] olliej: Well, you can blame me for [03:21:00.0000] jgraham: http://stuff.gsnedders.com/spec-gen/html5.whatwg.html — that has less excess whitespace than you [03:23:00.0000] Hixie: Should have fixed the UTF-8 thing now. Try adding &html5lib=true to the url; assuming I didn't screw up, that should both parse and serialize with html5lib (which is slower, obviously) [03:23:01.0000] jgraham: "If you want to mention random topics of interest you should have a little more detail" [03:23:02.0000] making it even slower would fail at the only real need i had for this tool :-) [03:24:00.0000] jgraham: Like how interested? [03:24:01.0000] Hixie: We should set up something that uses hsivonen's parser to parse it to XML first :P [03:26:00.0000] http://i10.photobucket.com/albums/a109/walrus0/obama2280473432_a0afd88685.jpg [03:29:00.0000] gsnedders: Unfortunately you need to set up and run some long-running Java server process, otherwise it'll take much longer to launch the JVM than to do the actual parsing :-( [03:30:00.0000] /me wonders whether we could use Jython [03:30:01.0000] /me wonders how much RAM you'd need for something like that [03:30:02.0000] Hixie: The point was to compare which errors are on the parser side and which on the serializer side :) [03:30:03.0000] jgraham: ah :-) [03:30:04.0000] gsnedders: You'd have to stop using the lxml API and start using whatever the relevant Java APIs are, I expect [03:30:05.0000] /me tries [03:30:06.0000] /me guesses between 16 to 64 MB [03:31:00.0000] Philip`: No, I could parse it from HTML -> XML -> lxml [03:32:00.0000] jgraham: Should I just drop the examples in parenthesis in the second para.? [03:32:01.0000] gsnedders: Do you mean how much detail? [03:32:02.0000] jgraham: yeah [03:32:03.0000] jgraham: And now I'm asking about the very existence of the other examples [03:33:00.0000] gsnedders: Ah, okay, but you still can't use lxml in Jython since it's a C module [03:33:01.0000] Philip`: Ah. 
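For reference, the entity-escaping trick mentioned above looks roughly like this with html5lib's Python tree walker and serializer. This is only a sketch: module paths and option names vary slightly between html5lib releases, and the input filename is just an example.

    import html5lib
    from html5lib import treewalkers
    from html5lib.serializer import HTMLSerializer

    # Re-serialize the parsed spec asking for a us-ascii encoding, which
    # pushes non-ASCII characters out as character references and so
    # sidesteps any mis-declared charset on the server hosting the copy.
    with open("source-whatwg", "rb") as f:
        tree = html5lib.parse(f)

    walker = treewalkers.getTreeWalker("etree")
    serializer = HTMLSerializer(omit_optional_tags=False)
    ascii_output = serializer.render(walker(tree), encoding="us-ascii")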
[03:33:02.0000] I think the examples in parens are somewhat better than the sentence "Recent things that have interested me are [...]" [03:33:03.0000] so you might as well have a separate external process that does HTML-string -> XML-string and then parse that with lxml in CPython [03:33:04.0000] yeah [03:33:05.0000] jgraham: I'm just going to stab you :P [03:34:00.0000] It's not a bad idea to sounds up to date but they kinds of sound like "I just read some stuff recently for my UCAS form" [03:35:00.0000] hsivonen: Ah, that doesn't sound too bad - what kind of software do people use if they just want to run a simple Java service where they can send it a string and get a string back? [03:35:01.0000] gsnedders: That won't help your application at all. Unless, I suppose, you find a way to stab me over the internet, in which case it will be such a major breakthrough that ou mght get into the OU from your prison cell [03:36:00.0000] jgraham: took about 4 times as long, but yeah, it fixed the problem [03:36:01.0000] I wonder how much Pysco would help [03:36:02.0000] jgraham: Can I just concur with Philip` and my teacher in what it's fine? [03:36:03.0000] gsnedders: It helps quite a bit bu only on 32bit python [03:37:00.0000] Actually, I need to add in TUSLIP. [03:37:01.0000] ERGH> [03:37:02.0000] *ERGH. [03:37:03.0000] gsnedders: You can do whatever you like, it's your application :) [03:37:04.0000] gsnedders: I think Psyco gave something like 25-50% improvement in parsing stuff, with an old version of html5lib [03:37:05.0000] Philip`: Jetty with your own main() method if you want HTTP [03:37:06.0000] Philip`: And the rest of Anolis? :P [03:37:07.0000] Philip`: or a simple loop doing accept() on ServerSocket if you don't want HTTP [03:38:00.0000] gsnedders: I don't think I actually said it was fine; I just couldn't easily think of any worthwhile improvements to suggest :-) [03:38:01.0000] Philip`: :P [03:38:02.0000] gsnedders: That depends entirely on where your bottlenecks are [03:39:00.0000] Philip`: TOC building is expensive (building it in memory from the entire tree, actually making a ol/li list is cheap) [03:39:01.0000] Philip`: if the spec can be trusted not to have non-streamable errors, you could run the parser in the streaming mode and use up less RAM [03:39:02.0000] Philip`: xref is very expensive [03:39:03.0000] e.g. I assume Psyco helps a lot with long arithmetic functions, but it doesn't help at all if you're spending all your time in C libraries [03:39:04.0000] or if you're spending all your time doing string manipulation and dict lookups [03:40:00.0000] jgraham: Should I just omit the backflipping car? [03:42:00.0000] gsnedders: The car thing might be good if it is really something that has motivated you to study physics [03:43:00.0000] But if it is you need to say that explicitly and expand it a but [03:43:01.0000] bit [03:43:02.0000] /me gives up on sending it off today [03:43:03.0000] If I include the TUSLIP day, then I'll end up with it too long [03:55:00.0000] gsnedders: Try removing generic sentences like "There are almost endless questions that can be asked about how and why systems behave as they do.". Hopefully the peorson reading your personal statement already realises that :) [03:56:00.0000] That also applies to things like "Two useful skills that physics teaches are..." [03:57:00.0000] You should say something about you e.g. "Two skills that I have developed through studyinging physics are..." 
[03:57:01.0000] Because the person reading the form already knows what physics is supposed to teach but they want to know what you have got out of it [04:17:00.0000] I enabled psyco on anolis.h.c.u I don't know if it's making a significant difference or not [04:18:00.0000] no noticeable difference [04:18:01.0000] takes 8 seconds [04:18:02.0000] which is fine [04:18:03.0000] for now :-) [04:23:00.0000] so... anyone see anything wrong with http://www.whatwg.org/specs/web-apps/current-work/ ? [04:24:00.0000] Philip`: looks like the multipage script works ok with the new ids? [04:26:00.0000] gsnedders, jgraham: i'm still getting validation errors on the w3c verson of the doc: http://html5.validator.nu/?=&doc=http%3A%2F%2Fwww.whatwg.org%2Fspecs%2Fweb-apps%2Fcurrent-work%2F.w3c%2FOverview.html [04:28:00.0000] something weird happens to the table in the source [04:28:01.0000] the whole table vanishes [04:28:02.0000] ohhhh [04:29:00.0000] i bet i know what it is [04:29:01.0000] i bet the newlines are being stripped [04:29:02.0000] and so the sed script is nuking the whole table [04:41:00.0000] ok now the only problem is that the serialisation adds an unnecessary [04:41:01.0000] but i can strip that with my postprocess step [05:08:00.0000] Hixie: It doesn't work okay, in the sense that it doesn't split things into sensible-sized chunks [05:09:00.0000] though it does still split things into chunks [05:09:01.0000] but I'll just need to upload the new version which has a new list of split ids [05:09:02.0000] which is hopefully trivial [05:09:03.0000] http://www.whatwg.org/specs/web-apps/current-work/ is the new version [05:09:04.0000] i'm ready to flip the switch and check it in [05:10:00.0000] just give the word [05:11:00.0000] Hmph, you've done too much work and now the sections are unevenly sized again [05:11:01.0000] heh [05:12:00.0000] Did anyone conclude whether the lxml parser/serialiser has problems, that would mean I couldn't use them in the spec-splitter? [05:12:01.0000] the serialiser has issues iirc [05:13:00.0000] though i forget what [05:13:01.0000] the parser is already used by anolis so whatever problems it introduces are already payed for [05:13:02.0000] looks ok to me, though we need to fix some Anolis bugs too in due course [05:14:00.0000] but I thought the service from jgraham was not stable? [05:14:01.0000] (Hmm, better sizes now - the largest is 261KB for the forms section) [05:14:02.0000] not stable? [05:15:00.0000] http://krijnhoetmer.nl/irc-logs/whatwg/20081001#l-33 [05:16:00.0000] /me will stick with the html5lib serialiser, just to be safe [05:17:00.0000] Philip`: seems wise [05:17:01.0000] and time is not an issue with the multipage script [05:17:02.0000] annevk2: well, i have my system set up so it will fire up every anolis instance i know if (james' and yours so far) and use whichever one gets back soonest [05:17:03.0000] i know of, even [05:17:04.0000] ok [05:18:00.0000] But it slows down my server and steals CPU time away from its more important processes such as, er, irssi and not much else [05:18:01.0000] how was the issue serialization issue fixed? [05:20:00.0000] Philip`: :-) [05:20:01.0000] issue serialization? 
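On the Psyco experiment mentioned above: enabling it is normally just a guarded import at the program's entry point (a sketch; Psyco only exists for 32-bit CPython 2.x, and as noted it cannot speed up time spent inside C libraries such as libxml2).

    # Optional JIT for pure-Python hot loops (e.g. html5lib's tokenizer).
    try:
        import psyco
        psyco.full()
    except ImportError:
        pass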
[05:21:00.0000] Updated the spec-splitter service now [05:21:01.0000] Wait, no I haven't [05:22:00.0000] Now I think I have [05:22:01.0000] Hixie, with the validation errors [05:22:02.0000] (It should be faster since it still parses with lxml) [05:22:03.0000] annevk2: oh [05:22:04.0000] annevk2: not sure [05:36:00.0000] annevk2: I switched to using html5lib for serialization [05:38:00.0000] I see [05:39:00.0000] http://hg.jgraham.webfactional.com/aquarium/ is the front end code I currently have [05:41:00.0000] sys.stdout.write versus print? [06:04:00.0000] Hixie: shouldn't the content sniffing: unknown type allow whitespace before " krijnh, the URL http://nodebox.net/code/index.php/Reference_|_textpath() here: http://krijnhoetmer.nl/irc-logs/whatwg/20081001#l-75 [06:31:00.0000] Opera's IRC doesn't include the ) but there is a ( just before it in the URL [06:34:00.0000] http://www.whatwg.org/specs/web-apps/current-work/multipage/stdout.txt looks much prettier in Opera than in Firefox [06:39:00.0000] Can I assume that 2007-06-07 is going to be a valid date string? [06:39:01.0000] I'd say yes [06:40:00.0000] Ok, going to take the liberty of using it, then [08:12:00.0000] BenMillard: fixed :) [08:12:01.0000] (http://krijnhoetmer.nl/irc-logs/whatwg/20081001#l-412) [08:32:00.0000] any proposals on how to represent all of these in HTML: http://people.brandeis.edu/~rind/bentley/symbols33.gif [08:34:00.0000] the first three are probably / [08:34:01.0000] zcorpan: note that these are explicit corrections [08:35:00.0000] yeah ... maybe / isnt' appropriate for that [08:35:01.0000] virtuelv: HTML simply doesn't have precise native semantics for all those [08:35:02.0000] question is, should it? [08:36:00.0000] virtuelv: I doesn't seem to me at least that the core HTML language needs markup for copy-editing markup [08:36:01.0000] virtuelv: in my opinion, no [08:36:02.0000] virtuelv: what hsivonen said [08:36:03.0000] virtuelv: because HTML is a general language and not specific to that particular domain [08:36:04.0000] kids are being asked to turn in assignments electronically already [08:37:00.0000] could use with a class [08:37:01.0000] before long, those assignments will be html, handled by a textarea on steroids [08:37:02.0000] most people have no need for that granularity of copy-editing markup nor any idea wtf those marks mean [08:38:00.0000] some are simply irrelevant, though, like 'stet' [08:38:01.0000] yeah [08:38:02.0000] i guess you'd want [08:38:03.0000] virtuelv: can't the teacher send back and edited file and the kid runs an html diff program on it? [08:38:04.0000] with title or something [08:39:00.0000] hsivonen: or the tool could provide the diff [08:39:01.0000] the teacher sends a patch [08:39:02.0000] can haz annotated patch [08:40:00.0000] (it's just an open question, though, it just made me wonder) [08:40:01.0000] 4 and 5 has a tendency to throw off diffs, btw [08:40:02.0000] yeah [08:42:00.0000] /me wonders what's wrong with the sentence "His head was wrapped in a turbine." .. likes that sentence just the way it is [08:43:00.0000] /me makes his spec more readable by introducing the term "context node" [08:45:00.0000] dglazkov: hei [08:46:00.0000] maybe it doesn't need to be an explicit xref? what do you think? (http://simon.html5.org/specs/web-dom-core#dom-document-createelement and onwards) [08:51:00.0000] MikeSmith! [08:52:00.0000] dglazkov: please get to work on making it possible for me to build and use Chrome on Linux [08:53:00.0000] MikeSmith: yessir! 
[08:53:01.0000] heh [09:10:00.0000] make -f client.mk build [09:10:01.0000] doh [10:04:00.0000] does anybody know who http://www.reddit.com/user/gst actually is? [10:05:00.0000] virtuelv: ↑ [10:05:01.0000] MikeSmith: no clue [10:06:00.0000] I think he's a script [10:06:01.0000] based on his posting frequency, I suspect he's a bot [10:06:02.0000] heh [10:06:03.0000] virtuelv: coke jinx [10:08:00.0000] /me encounters the "cat herder" metaphor for the 3000th millionth time [10:09:00.0000] with apologies, I think what some work needs is more people with cat-drowning skills [10:09:01.0000] /me googles "cat drowner" [10:09:02.0000] 01:11 where /me is, btw [10:10:00.0000] so forgive me if I offend [10:44:00.0000] I just want Chrome on Linux so that I can use http://ajeanius.wordpress.com/2008/09/26/first-release/ [10:44:01.0000] Oh, that's a bad link since it doesn't give any indication what it is [10:45:00.0000] http://ajeanius.wordpress.com/2008/09/08/awesomium-google-chrome-hacked/ [10:47:00.0000] The copy-editing issue has an easy solution: the teacher should just print all the electronic submissions, and mark them up with a red biro [10:51:00.0000] "he API that Google put together is really quite kick-ass– it’s got support for injection of mouse/keyboard events, Javascript evaluation, invalidation callbacks, navigation callbacks, and best of all, it lets us do off-screen, selective rendering" [10:56:00.0000] as far as the marking-up thing, based on my previous lives as both a schoolteacher (no joke) and textbook editor, marking up student/writers texts with red/baker-miller-red/soothing-blue copy-editing marks all the hell all over the place is not a terrifically efficient motivator at getting them to learn how to actually write [10:56:01.0000] the better way is to sit down one-on-one and go through and have them mark up the changes themselves [10:56:02.0000] in whatever color they prefer [10:57:00.0000] that is, verbally pointing out where the problems are [10:57:01.0000] sort of the "teach a man to fish" approach [10:57:02.0000] and they can use whatever arbitrary copy-editing markup format they want, in that case [10:57:03.0000] MIRRORS ARE MORE FUN THAN TELEVISION [11:00:00.0000] erlehmann_: Exactly. I understand exactly the point you are making, which is that sex is much better with mirrors involved. [11:00:01.0000] thanks [11:02:00.0000] D; [12:13:00.0000] Hixie: What service is adding in meta@charset? [12:14:00.0000] It should be an html5lib option, and should be off by default [12:16:00.0000] Why is inject_meta_charset defaulting to True in html5lib? [12:16:01.0000] jgraham? Philip`? [12:18:00.0000] gsnedders: I didn't write that code but I guess it was decided that it is safer [12:19:00.0000] I think it should be False by default [12:19:01.0000] jgraham: Can you set it off? [12:19:02.0000] Me too. [12:19:03.0000] (at least for Anolis) [12:20:00.0000] (the API doesn't actually change html5lib options from the default) [12:20:01.0000] Er, I guess I should check on the mailing list before changing the default but sure, I'll change it for anolis [12:20:02.0000] jgraham: If you're running an up-to-date (from hg) copy of Anolis, you have no need for indent_char [12:21:00.0000] Is Hixie using it with html5lib parsing? [12:24:00.0000] gsnedders: No [12:24:01.0000] gsnedders: Try that [12:24:02.0000] jgraham: "that"? How? [12:26:00.0000] gsnedders: What were you complaining about? [12:26:01.0000] jgraham: Huh? 
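A sketch of the change being discussed here, assuming html5lib's HTMLSerializer options (the option name inject_meta_charset comes from the conversation above; the rest is illustrative):

    from html5lib.serializer import HTMLSerializer

    # With inject_meta_charset=False the serializer leaves any <meta charset>
    # in the document alone rather than inserting or rewriting one, which is
    # what Anolis wants when it is not responsible for the encoding declaration.
    serializer = HTMLSerializer(inject_meta_charset=False,
                                omit_optional_tags=False)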
[12:26:02.0000] I changed anolis.hoppipolla.co.uk to serialize without the inject_meta_charset option and to not use indent_char [12:27:00.0000] ah, OK [12:27:01.0000] Yeah, that works fine [12:27:02.0000] inject_meta_charset is a bit slow too [12:29:00.0000] Is there a version of the source with the WG-specific headers but without the postprocessed stuff somewhere? [12:30:00.0000] jgraham: http://www.whatwg.org/specs/web-apps/current-work/source-w3c? [12:31:00.0000] interestingly I'm seeing next to no difference with &html5lib and without [12:32:00.0000] gsnedders: Is the output different? Otherwise it suggests a bug :) [12:32:01.0000] (psyco might have helped html5lib a lot) [12:34:00.0000] jgraham: Both are identical [12:47:00.0000] gsnedders: They are different for me [12:49:00.0000] You need &html5lib=something e.g. &html5lib=true [12:50:00.0000] /me tries [12:51:00.0000] Yeah, I'm getting different stuff now [12:51:01.0000] /me shrugs [14:01:00.0000] annevk2, ping [14:04:00.0000] annevk2: ping [14:17:00.0000] yo [14:17:01.0000] /me is sort of available [14:17:02.0000] sicking, gsnedders, yo/pong [14:18:00.0000] annevk2: you made mention to Anolis bugs that will need to be fixed. What bugs? [14:18:01.0000] hsivonen, http://html5.validator.nu/?doc=http%3A%2F%2Fannevankesteren.nl%2F2008%2Fajaxexperience seems wrong [14:18:02.0000] gsnedders, it was the serializer issues [14:19:00.0000] annevk2: ah. That's lxml/html5lib bugs! :P [14:19:01.0000] annevk2, what is the purpose of the "url return flag"? [14:19:02.0000] sicking, redirects? [14:20:00.0000] annevk2, seems like a hook for the XHR2 spec, but I don't even get how it's used there [14:20:01.0000] annevk2, ? [14:20:02.0000] you do a request from A to B [14:20:03.0000] B redirects to A [14:21:00.0000] in that case the status return flag will be "same-origin" and the "url return flag" the specific URL [14:21:01.0000] why not just say "follow the redirect"? [14:21:02.0000] because the policy is different [14:21:03.0000] XHR2 starts using the same origin request policy at that point [14:22:00.0000] so first off, i'm not sure that that is safe [14:22:01.0000] we discussed this model ages ago [14:22:02.0000] and you agreed to it [14:22:03.0000] :) [14:22:04.0000] really? [14:22:05.0000] i doubt that [14:22:06.0000] yes [14:22:07.0000] i remember this was discussed, but i don't remember a resolution [14:23:00.0000] it seems scary that if good.com loads what it thinks is a resource from evil.com, it might actually end up getting a private resource from good.com that was loaded with credentials [14:24:00.0000] if good.com publishes that resource anywhere effectively evil.com can read private data from good.com [14:24:01.0000] http://lists.w3.org/Archives/Public/public-webapi/2007Aug/0036.html [14:25:00.0000] well, that was just crazy :) [14:25:01.0000] s/that/I/ [14:25:02.0000] fair enough :p [14:26:00.0000] meaning you'll change it? [14:27:00.0000] to what? [14:27:01.0000] are you suggesting dropping that entire thing and simply always require the check? 
[14:27:02.0000] yes [14:27:03.0000] well, once you've been cross-site [14:28:00.0000] that'd make things simpler :) [14:28:01.0000] not for requests that are strictly same-site [14:28:02.0000] basically dropping a bunch of text [14:28:03.0000] well, same-site has a different "spec path" anyway [14:28:04.0000] i need an e-mail though [14:28:05.0000] so everyone knows [14:29:00.0000] and i can point it out to you in a few years and you can say "well, I was just crazy" again :) [14:29:01.0000] yeah, i think this needs to be discussed. Things do seem somewhat non-ideal no matter what [14:44:00.0000] http://cdn-www.cracked.com/articleimages/dan/movie_screw/vod6.jpg [15:30:00.0000] i love how the wai meeting is to be inaccessible to those who don't actually go to france [15:45:00.0000] /me finds http://www.htmlite.com/XH003.php [15:45:01.0000] It seems they lacked sufficient foresight :-( [15:45:02.0000] "Accessing attributes as properties is discouraged and considered becoming obsolete" [15:45:03.0000] what? [15:52:00.0000] why would the string comparison ever fail? [16:36:00.0000] Must. Stop. Procrastinating. [16:38:00.0000] gsnedders: meh, do it tomorrow ;-) [16:38:01.0000] jcranmer: Need to do this. Today. [16:39:00.0000] gsnedders: Then stop talking about it on IRC 2008-10-02 [18:15:00.0000] so....... [18:15:01.0000] if you have an element [18:16:00.0000] type=text [18:16:01.0000] and you type in some text [18:16:02.0000] and then the script changes it to type=checkbox [18:16:03.0000] and you submit [18:16:04.0000] what value should be submitted? [18:16:05.0000] opera and mozilla say "on", safari says whatever you typed, IE says you can't change the type. [18:19:00.0000] Hixie: off. [18:21:00.0000] what. [18:21:01.0000] the hell. [18:21:02.0000] setting .value when type=checkbox causes the value attribute to change?!?!?! [18:22:00.0000] heh. [18:22:01.0000] Hixie: You obviously forgot to leave your sense of logic at the door. [18:22:02.0000] Hixie: What's happening about Anolis, BTW? [18:23:00.0000] it's live [18:23:01.0000] Hixie: But not committed. [18:23:02.0000] and committeed [18:23:03.0000] committed [18:23:04.0000] It is? [18:23:05.0000] I haven't seen that. [18:23:06.0000] :P [18:23:07.0000] i checked it in last night [18:24:00.0000] r2256 [18:24:01.0000] no email on the list [18:25:00.0000] (like the commit watchers list) [18:25:01.0000] probably was too long and hit the limit [18:25:02.0000] Heh. [18:25:03.0000] Like, almost every line changed, I expect. [18:25:04.0000] Now, what need I do to get a special thanks (:)? [18:25:05.0000] :P [18:25:06.0000] :-P [18:25:07.0000] (I mean, why do you think I did this anyway) [18:26:00.0000] bert didn't get special thanks either :-) [18:26:01.0000] multi-file Anolis? [18:26:02.0000] :P [18:26:03.0000] :-P [18:26:04.0000] Yeah, but most of what you did about that was complain about its speed :P [18:28:00.0000] Hixie: http://www.w3.org/html/wg/html5/ — the TOC list has the ol numbers :( [18:32:00.0000] Hixie: Should I send a email to the list saying IDs are completely different now? [18:37:00.0000] Hixie: I don't see the craziness in the value attribute changing when the value property is changed [18:37:01.0000] am I missing something? 
[18:38:00.0000] aboodman: the value attribute doesn't change when the value property is changed for any other type value [18:38:01.0000] aboodman: normally the value content attribute maps to the defaultValue DOM attribute [18:43:00.0000] man this really screws things up [18:45:00.0000] wtf [18:46:00.0000] hm, at least this is scoped to the input element [18:47:00.0000] out of curiosity, are most attributes in html5 defined to reflect or not reflect [18:47:01.0000] most reflect [18:48:00.0000] yipp33 [18:48:01.0000] argh [18:48:02.0000] i really must learn to type at some point. [18:48:03.0000] Type? Why do that? [19:11:00.0000] /me changes topic to 'WHATWG (HTML5) -- http://www.whatwg.org/ -- Logs: http://krijnhoetmer.nl/irc-logs/ -- Please leave your sense of logic at the door, thanks! -- gsnedders had green hair, photos coming soon :-)' [19:15:00.0000] the weird situation with .value, .defaultValue and value="" is kind of weird and pretty suboptimal [19:21:00.0000] othermaciej: and now standardised. [20:49:00.0000] Hixie, http://blog.whatwg.org/demos-2008-sept#comment-27669 [23:00:00.0000] what does a radio button represent? [23:01:00.0000] one of several mutually exclusive choices [23:02:00.0000] what if there aren't any others? [23:03:00.0000] what does an
  • represent if there aren't any others? [23:09:00.0000] what is the sound of one hand clapping? [23:16:00.0000] othermaciej: a list item [23:17:00.0000] then you could say a radio button represents a readio button [23:17:01.0000] because in fact what it represents is a particular UI control [23:17:02.0000] and the semantic of how such controls are used is dictated by convention [23:17:03.0000] fair enough [01:26:00.0000] well radio buttons turned out to be more of a pain than i expected [01:36:00.0000] radio groups represent mutually exclusive choices, but so do , and all three have different UI (by convention) [01:37:00.0000] it annoys me when i get paper forms that say "check one" and have empty squares instead of empty circles [01:37:01.0000] seems so wrong [01:40:00.0000] heh [01:45:00.0000] ok, only file, hidden, submit, image, reset, and button to do now. [01:47:00.0000] http://www.w3.org/2008/10/TPAC/TPDay-Agenda [01:49:00.0000] I wonder if Hixie has been already invited as a panelist [01:50:00.0000] hmph [01:50:01.0000] Google is a harsh mistress [01:51:00.0000] hsivonen: for which panel? [01:51:01.0000] this year it's no longer html5 vs. xhtml2. now it's html vs. xml [01:51:02.0000] (completely off-topic, of course) [01:51:03.0000] virtuelv: hm? [01:51:04.0000] there's a topic here? [01:51:05.0000] /me looks at gsnedders :-P [01:52:00.0000] Hixie: yeah, when Dreamhost was mass-compromised last year, my account were among the unfortunate 3500 [01:52:01.0000] Hixie: Architecture and html&xml [01:53:00.0000] I had one page left that I didn't actually notice when I cleaned up all of the injected spam, and for that, I'm now invisible in Google for the next couple of weeks [01:53:01.0000] aah [01:53:02.0000] hsivonen: session 2? [01:53:03.0000] or 7? [01:54:00.0000] someone should stand by the mic during the TP and pipe up briefly every time someone says something not true [01:54:01.0000] e.g. "The HTML5 work on the other hand uses a centralised extensibility mechanism based on formalized tagsoup parsing." "Actually that's not an accurate description." [01:55:00.0000] actually reading that abstract more carefully i don't even know what it means [01:55:01.0000] sounds like something palin might say [02:08:00.0000] http://www.theage.com.au/photogallery/2008/10/02/1222651246843.html -- hmm, is that IE being used in the A380's cockpit? [02:08:01.0000] Hixie: I was wondering about your participation in both 2 and 7 [02:08:02.0000] regardless, it looks like a terrible interface for presenting that information (with the scrolling) [02:12:00.0000] hsivonen: this? http://images.theage.com.au/ftage/ffximage/2008/10/02/qantas__16__gallery__539x400.jpg [02:12:01.0000] virtuelv, yeah [02:13:00.0000] heycam: how can you tell? [02:13:01.0000] I can clearly see it's windows, but IE? [02:13:02.0000] the table? [02:13:03.0000] yeah the table is what made me think that [02:15:00.0000] looks like [02:15:01.0000] windows in the cockpit is probably enough to make me worry though :) [02:16:00.0000] i noticed linux booting up on a plane's entertainment system recently [02:16:01.0000] seems like a very bad idea to put Windows in the cockpit [02:16:02.0000] I'd want a small well debugged real time OS in the cockpit [02:17:00.0000] i assume that windows thing is isolated from any flight controlling systems, but still... 
[02:20:00.0000] Sun had the "high risk activities" clause in the non-GPL JDK licenses forever even though JDK on Solaris is probably more stable than IE on Windows [02:20:01.0000] heycam: I'd assume so [02:21:00.0000] but you're still pretty screwed for the 30 seconds it takes rebooting [02:22:00.0000] why doesn't http://www.p01.org/releases/Demoscene/files/pNebula_canvas_256b_valid.htm work in Firefox/Minefield? [02:23:00.0000] hsivonen: I guess mathieu optimized away a few bytes too many [02:23:01.0000] it worked a couple of days ago [02:25:00.0000] hsivonen: this is why: http://software.hixie.ch/utilities/js/live-dom-viewer/?%3C!DOCTYPE%20html%3E%0D%0A%3Ccanvas%20id%3DR%3E%3C%2Fcanvas%3E%3Cscript%3Ew(R)%3C%2Fscript%3E [02:33:00.0000] zcorpan: that's unintuitive [02:38:00.0000] hsivonen: but it works in ie/opera/webkit [02:39:00.0000] oh actually [02:39:01.0000] http://software.hixie.ch/utilities/js/live-dom-viewer/?%3Ccanvas%20id%3DR%3E%3C%2Fcanvas%3Ex%3Cscript%3Ew(R)%3C%2Fscript%3E [02:40:00.0000] i forgot about the more-script-to-head bug [02:41:00.0000] oh firefox only does that in quirks mode [02:41:01.0000] zcorpan: I meant the Gecko tree building behavior is unintuitive [02:41:02.0000] defining R in the global scope from id that is [02:41:03.0000] hsivonen: yeah, but that wasn't why the demo wasn't working [02:41:04.0000] oh [02:41:05.0000] hsivonen: the demo should work if you remove the doctype [02:41:06.0000] now I see what you meant [02:53:00.0000] zcorpan: just asked p01, and he indicated it chokes on something in the script [02:53:01.0000] ff3.0.3 chokes on "R", pbly expecting "document.R" [02:54:00.0000] virtuelv: yes it doesn't do -> window.foo in standards mode [02:54:01.0000] virtuelv: only in quirks mode [02:54:02.0000] while other browsers do it in both [02:57:00.0000] i think he needs R=document.body.lastChild [02:58:00.0000] and then he can drop id=R [03:07:00.0000] He could save another 6 bytes just by dropping the quotes around onload, I think [03:08:00.0000] Oh, = is not allowed in unquoted attributes? How annoying :-( [03:08:01.0000] /me has started using the convention of omitting quotes around attribute values for attributes that take keywords or numbers, and having them for everything else [03:09:00.0000] (strings, urls, script, css, etc) [03:10:00.0000] zcorpan: his goal is to stay under 256 bytes *and* be in standards mode [03:10:01.0000] if he drops being in standards mode, he can chop it down to 220+something, I think [03:11:00.0000] *and* be conforming? [03:11:01.0000] Hixie: Are you trying to say I often take us off-topic? [03:11:02.0000] :P [03:12:00.0000] i think i'm going to change how type=file handles min/max [03:15:00.0000] Hixie: If you are, I guess I can't really deny it. [03:16:00.0000] gsnedders: no comment :-P [03:16:01.0000] Hixie: I mean, you looked at me when talking about going off-topic :P [03:44:00.0000] hmm anolis cuts off web-dom-core after the comment "" [03:44:01.0000] wonder what's up with that [03:45:00.0000] Philip`: no [03:46:00.0000] but we managed to chop off a version that runs in all browser, is valid and conforming to 248 bytes [03:46:01.0000] fun way to spend half of your lunch [04:46:00.0000] can i make Node.prefix readonly? 
[04:47:00.0000] webkit and firefox don't check against Name or NCName (or anything) and opera doesn't do anything on setting [04:47:01.0000] so you can end up with spaces in tags in webkit and firefox by setting .prefix = '1 2' [04:48:00.0000] though maybe the serializer would change prefixes again [04:50:00.0000] nope at least innerHTML in firefox doesn't [04:51:00.0000] data:text/xml, [04:51:01.0000] same with webkit [04:51:02.0000] /me makes it readonly [05:30:00.0000] /me mumbles something about isSameNode being useless [05:36:00.0000] is it just an == check for languages that don't support == or that let tearoff implementation details leak instead of overloading ==? [05:39:00.0000] i'm not sure why it was added to dom3 [05:39:01.0000] but it's the same as == [05:41:00.0000] considering that it's bogus for *Web* DOM, i'll drop it and see if someone complains [05:41:01.0000] hmm there's also isEqualNode [05:44:00.0000] zcorpan: well, back when distinguishing "" vs. null was considered, someone said that Delphi can't distinguish those... [05:44:01.0000] that's unfortunate [05:45:00.0000] yes, but as a reason for Web API design completely pointless [05:45:01.0000] indeed [05:46:00.0000] so, I expect you to get complaints :-( [05:46:01.0000] i wonder if isEqualNode is useful for something [06:10:00.0000] krijnh, how about linking data: urls? From http://krijnhoetmer.nl/irc-logs/whatwg/20081002#l-282: data:text/xml, [06:10:01.0000] krijnh, also irc: URLs like those at and just after http://krijnhoetmer.nl/irc-logs/whatwg/20080226#l-321. [06:11:00.0000] BenMillard: If you don't escape spaces/etc in data URLs, how is any algorithm meant to work out where they end? [06:12:00.0000] Philip`, I guess they normally end at the end of the line in this channel? [06:12:01.0000] or at or something [06:13:00.0000] interestingly, Opera's IRC includes the : at the end of #l-282: in the link but doesn't include the . at the end of #l-321. [06:14:00.0000] (I use Opera 9.52 for Windows XP) [06:32:00.0000] /me finds http://lastweekinhtml5.blogspot.com/ [06:32:01.0000] :) [06:38:00.0000] hsivonen, fwiw, the tactic with "Web DOM" is that it's just for the Web browser environment and that we don't seek to obsolete other DOM specifications in any way [06:43:00.0000] ok [06:46:00.0000] that said, it might not mitigate getting people upset as browsers would no longer follow the DOM ... series of specifications [07:06:00.0000] hsivonen, btw, did you seem my semi bug report yesterday? [07:07:00.0000] hsivonen, http://krijnhoetmer.nl/irc-logs/whatwg/20081001#l-626 [08:11:00.0000] annevk2: thanks. now recorded: http://bugzilla.validator.nu/show_bug.cgi?id=317 [08:12:00.0000] the other bug was that the empty string is a valid contenteditable value [08:12:01.0000] iirc [08:12:02.0000] but i'll check that now in the spec [08:13:00.0000] yup: "The contenteditable attribute is an enumerated attribute whose keywords are the empty string, true, and false." [08:36:00.0000] Opera really doesn't work well when I run out of disk space [08:38:00.0000] /me is glad he has reasonably-recent backups of all the .ini files [09:43:00.0000] zcorpan, "The hasChildNodes() method must return false if the context node's firstChild is null, and true otherwise." what if I have a custom firstChild? 
[09:44:00.0000] zcorpan, for textContent you have getting and setting reversed [09:45:00.0000] (re http://simon.html5.org/specs/web-dom-core for those reading the logs) [10:06:00.0000] BenMillard: First lap at full speed in S2000 LM round High Speed Ring Reverse: 1:12 [10:17:00.0000] BenMillard: I just can't find a good line through the double S bend [10:29:00.0000] BenMillard: OK, I basically consistently do around 1:10.8 [10:36:00.0000] gsnedders, yeah that S-bend is touch [10:37:00.0000] you have to favour the 2nd part...go deep into the first part so you are on the right-hand as you start the 2nd half [10:38:00.0000] gnsedders, I'm helping my dad put pictures onto eBay now, chat later :) [10:38:01.0000] make sure you add alt text to all of them [10:49:00.0000] /me wonders how one should handle fatal errors in a streaming HTTP processor [10:49:01.0000] i.e. where you start sending the response before you've done all the processing (hence before you've detected all possible errors) [10:50:00.0000] (and maybe before you've even received the whole request) [12:18:00.0000] /me wonders when Bugzilla will gain OpenID support [12:18:01.0000] (and hopefully support for linking the OpenID to an existing account) [12:40:00.0000] /me wants something better than OpenID [12:40:01.0000] don't misunderstand me, openid is great within the current constraints [12:40:02.0000] I'd just want browsers to act like ssh [12:50:00.0000] how would that work well if you use 10 different browsers on 10 different platforms? [12:57:00.0000] that is an open question [12:57:01.0000] your question is one of key distribution [12:58:00.0000] more specifically, private key distribution [13:06:00.0000] ssh works without any private key distribution [13:23:00.0000] Only if you always SSH from the same place [13:23:01.0000] or use lots of independent pairs of keys [13:23:02.0000] or just use passwords instead [13:24:00.0000] /me wonders how many people have their SSH private keys written on a Post-it note stuck on their monitor [13:27:00.0000] you're supposed to use independent keys [13:27:01.0000] it lets you knock one client out if it is compromised, without having to change the rest of your config [13:30:00.0000] But if one private key is compromised, the attacker can log in to all the other machines you have access to, which probably contain all your other 'independent' private keys, so the whole network of keys is compromised [13:31:00.0000] compromised was the wrong word [13:31:01.0000] i mean like if you sell your hard disk [13:32:00.0000] if you are compromised then yes, you have to nuke everything [13:32:01.0000] It seems much easier to remove the private key from that disk before you sell it, rather than deleting the corresponding public key from every other machine in the entire internet that your public key has been copied to [13:33:00.0000] (and it's not useful to remove the private key after you sell it, because the recipient will already have compromised all your accounts) [13:33:01.0000] Uh [13:33:02.0000] s/private key/public keys/ [13:34:00.0000] wiping hard disks is non-trivial and assumes you can access the disk [13:34:01.0000] wiping hard disks only requires ddd [13:34:02.0000] *dd [13:34:03.0000] anyway. to each his own. :-) [13:34:04.0000] Wiping disks only requires a screwdriver and sandpaper [13:34:05.0000] not if you're going to sell it :-) [13:35:00.0000] though I guess the number of people who know about dd is probably lower than 1 in 1000 [13:35:01.0000] same with ssh! 
[13:35:02.0000] If it's a disk you've used already, it's tiny and obsolete and would have negligible resale value :-) [13:36:00.0000] Nobody would want to buy an old 250GB disk nowadays, you couldn't even fit six months of MP3s on it [13:46:00.0000] hsivonen: http://about.validator.nu/htmlparser/ says "ALTER_INFOSET is now the default", but http://about.validator.nu/htmlparser/apidocs/nu/validator/htmlparser/sax/HtmlParser.html says "By default ... the this parser treats XML 1.0-incompatible infosets as fatal errors" which seems inconsistent [13:46:01.0000] (Also the latter says "the this parser") [13:46:02.0000] (which seems not grammar) [14:34:00.0000] Hixie, ping [14:43:00.0000] hey [14:51:00.0000] hmm, web-apps-tracker cache is now ~1.4GiB [15:01:00.0000] Anyone know of any way to contact markp without waiting months for him to check his email? [15:02:00.0000] Commenting on his blog? [15:02:01.0000] !summon markp [15:02:02.0000] Dashiva: Comments are only open for like two days on his blog [15:02:03.0000] Dashiva: The later feedback form just goes to email, AFAIK [15:03:00.0000] gsnedders: Wait for him to post a new one :) [15:03:01.0000] http://diveintomark.org/tests/client/autodiscovery/ — tests 47 to 50 are broken :\ [15:04:00.0000] just make a blog post and hope he does an ego search [15:31:00.0000] gsnedders: what do you want to ask him? [15:41:00.0000] Hixie, so we need to figure out this how-to-compare-Origin-to-Access-Control-Allow-Origin thing [15:42:00.0000] i thought it was a string comparison [15:42:01.0000] no? [15:43:00.0000] Hixie, yes, i question that that is wise [15:43:01.0000] for security-related things, it seems the most conservative option is best [15:43:02.0000] it's hard to get a subtle security bug when you do a strict string comparison [15:44:00.0000] if we do something else, say partially case-insensitive IDN/punycode-equivalent full-URL comparison, we're setting ourself up for serious pain [15:44:01.0000] ourselves [15:44:02.0000] everyone has to have code to do that anyway [15:44:03.0000] yeah and everyone has had at least oen security bug with it [15:45:00.0000] so you can compare if two frames are same-origin or not [15:45:01.0000] sure, but it needs to get fixed [15:45:02.0000] the frame origin comparison isn't a url comparison [15:45:03.0000] it's a tuple comparison of exact strings [15:45:04.0000] so why reinvent the wheel, even if the new wheel is simpler [15:45:05.0000] yup [15:45:06.0000] well [15:45:07.0000] i'd rather not have a wheel at all, i'd rather have just a twig, or whatever is the right analogy here [15:45:08.0000] strings and numbers [15:46:00.0000] string and numbers can be compared reasonably safely [15:46:01.0000] it seems very confusing to have urls that are case sensitive though, when they aren't case sensitive anywhere else [15:46:02.0000] urls are a whole entire other ball game of extreme danger [15:46:03.0000] URLs are partially case-sensitive [15:47:00.0000] which is FAR more confusing than just comparing a string [15:47:01.0000] especially given that in most cases the string will either be hard-coded or echoed [15:47:02.0000] but this must be a solved problem already [15:47:03.0000] for everyone [15:48:00.0000] no implementation i've talked to has seen any risk security wise [15:48:01.0000] the latest security bug with URL parsing was _last month_ [15:48:02.0000] me included [15:48:03.0000] 18 years into the life of urls [15:48:04.0000] and you want to rely on that? [15:48:05.0000] would it have affected parsing origins? 
[15:48:06.0000] i am already relying on url parsing [15:48:07.0000] so ues [15:48:08.0000] yes [15:49:00.0000] i have no idea (i'm thinking of the :% -> crash in chrome) [15:49:01.0000] how are you relying on url parsing? [15:49:02.0000] when comparing if two frames are same-origin [15:50:00.0000] all urls ultimately start as strings that are parsed [15:50:01.0000] that's nor a URL comparison, it's an exact tuple comparison of strings and numbers [15:50:02.0000] sure [15:50:03.0000] but by the time they are parsed if you got the parsing wrong you went to the wrong place [15:50:04.0000] that's what the orign to ac-allow-origin will be too [15:50:05.0000] so you can't get the wrong security [15:50:06.0000] context [15:50:07.0000] i'll reuse the same string->url parsing code [15:51:00.0000] and then reuse the same url to url same origin code [15:51:01.0000] i really don't see any advantage to doing that [15:51:02.0000] it seems like asking to use a tightrope to cross a ravine when there's a perfectly good concrete bridge right next to it [15:51:03.0000] what's the problem with comparing strings? [15:51:04.0000] except that the tightrope is used everywhere in the already [15:52:00.0000] in the product [15:52:01.0000] how do you mean? [15:52:02.0000] what is the problem you want to solve by not doing a string comparison? (the url parsing having happened, as with origin checking, before having a security context) [15:52:03.0000] the problem is in everywhere when there is a difference to url comparsing [15:52:04.0000] which are 3 things: [15:53:00.0000] 1. scheme in url is case insensitive [15:53:01.0000] 2. domain in url is case insensitive [15:53:02.0000] 3. explicit default port is same as no port [15:53:03.0000] yes but the UA generates the string it is comparing to, so why does it matter? i mean, we could be generating hashes here too, why does it matter? [15:53:04.0000] why aren't we using hashes? [15:54:00.0000] or http.org.example.www(80) [15:54:01.0000] so that the user can see what is being compared more easily [15:54:02.0000] user won't see this [15:54:03.0000] my mom never will [15:54:04.0000] s/user/author/, sorry [15:55:00.0000] that author will also be generating the urls for ac-allow-origin [15:55:01.0000] (i'm fine with using a new syntax too, it just seems gratuitous) [15:55:02.0000] exactly, and doing string comparison is using a new syntax [15:55:03.0000] because we no longer treat them as urls [15:56:00.0000] i say that if something looks like a url, we should treat it as such [15:56:01.0000] and i'm saying that's a security nightmare waiting to happen [15:56:02.0000] can you name any problems with url parsing that would have been made worse by using it for AC? [15:57:00.0000] any problem with url parsing is already likely fatal [15:59:00.0000] Hixie: Oh, just to tell him those tests that I mentioned above are broken [16:02:00.0000] sicking: no, not off-hand. But defense in depth isn't done by making sure we don't do something that could be vulnerable to an already-fixed problem, it's done by making the attack surface smaller. [16:02:01.0000] Hixie, it's a very gratuitous defense you are inventing [16:03:00.0000] Hixie, if you have no idea what you are protecting yourself from, how do we know what you are inventing is better [16:03:01.0000] it's simpler [16:03:02.0000] Hixie, you are also adding risks by inventing new formats [16:03:03.0000] simpler is better :-) [16:03:04.0000] it's not a new format, it's a canonicalised URL [16:03:05.0000] simpler how? for who? 
[16:04:00.0000] (s1 == s2) is simpler than (ParseURL(s1) == ParseURL(s2)) [16:04:01.0000] simpler for who? [16:04:02.0000] and it's simpler for authors and implementors. for authors because once they have found the string that works, it'll always work, and for implementors because, well, (s1 == s2) is simpler than (ParseURL(s1) == ParseURL(s2)) [16:05:00.0000] it's not simpler for me, it's about the same number of lines of code (about 5 vs 8), it's not simpler for authors as they have a surprising inconsistency with all other urls in the product [16:05:01.0000] as an implementor I'd say neither is particularly harder or easier [16:06:00.0000] seriously? doing a security audit of the url parsing is as simple as a security audit of just comparing two strings? [16:06:01.0000] those must be some damn complicated string comparisong algorithms y'all are using [16:06:02.0000] comparison [16:06:03.0000] the code is already audited in both cases [16:07:00.0000] Hixie, i don't have two strings, i have a string (the ac-allow-origin header) and a url (the requesting site) [16:07:01.0000] url parsing and comparison (and specifically of a url string converted to our SecurityOrigin class) is already audited [16:07:02.0000] and already heavily exposed [16:07:03.0000] sicking: you have two strings, the string you sent the server, and the string it sent back [16:08:00.0000] I would be less nervous security-wise about a comparison of two SecurityOrigin objects than two Strings, but seems to me either could be sound [16:08:01.0000] Hixie, i don't have the string sent to the server saved. I could save it, but it'd add about the same number of lines of code that parsing to a url adds [16:09:00.0000] yeah, i think both these solutions are simple and both are secure. The difference is that one seems more surprising to authors [16:11:00.0000] sicking: what's an example of a case where the author would see different behavior between the two? [16:11:01.0000] othermaciej, HTTP://Example.Org:80 vs http://example.org contains all 3 differences that i can think of [16:12:00.0000] sicking: ok, but walk me through the scenario [16:12:01.0000] so let's say you loaded from a page of HTTP://Example.Org:80 [16:12:02.0000] sicking: what about http://example.org./ vs http://example.org/ [16:12:03.0000] virtuelv: those are different [16:13:00.0000] virtuelv, what hixie said [16:13:01.0000] my concern is with things like http:///example.com vs http://example.com, where on UA has a bug and treats it differently than other UAs [16:13:02.0000] othermaciej, well, the Origin header that the site is going to receive is always going to be on the "canonical" form (per spec) [16:14:00.0000] or http:://, or http://foo.com:80⊙bc:81/ or whatever [16:15:00.0000] seems like for something this important you shouldn't need to be a spec lawyer to be able to tell if the string is going to work or not [16:15:01.0000] othermaciej, in most cases the server is going to have some sort of list of origins they want to approve. 
For example some list like "*.company.com", "*.partner.com" [16:15:02.0000] othermaciej, and then match the Origin against that [16:16:00.0000] othermaciej, and then send back a matching origin if one is found [16:16:01.0000] othermaciej, (they're basically forced to do this given how simple the syntax of the AC-Allow-Origin header is) [16:17:00.0000] othermaciej, so if they generate the send-back string with a uppercase Company.com because that's how they normally type the company url internally, they'll currently fail [16:17:01.0000] but they'll _always_ fail, so it'll be trivial to catch [16:18:00.0000] with url parsing, they might find it works in the UAs they test, but some syntax error means it fails in the rest [16:18:01.0000] and they won't know until the deploy [16:18:02.0000] they [16:18:03.0000] sicking: so if you can generate the [16:19:00.0000] "canonical" form to send it [16:19:01.0000] you can generate it for the comparison too [16:19:02.0000] I see the point for the send-back [16:19:03.0000] requires a canonicalization on the server side, possibly [16:20:00.0000] right [16:20:01.0000] Hixie, differences like that are already breaking things and needs to be fixed [16:21:00.0000] not necessarily [16:21:01.0000] but sure, any interop issues should be fixed [16:21:02.0000] my point is just that this is too important to elevate all url parsing interop issues to that level [16:21:03.0000] i don't think this is any more important than any other place [16:22:00.0000] it'd be like saying "well a lot of our houses are made of wood, and wood is quite flammable, so we have to fix that anyway, it's not a reason to not build the dam using wood" [16:22:01.0000] but this is just another house, this is no more important than anything else in the browser [16:22:02.0000] ?! 
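To make the two positions concrete, here is a rough Python sketch of the difference being argued: an exact string comparison of the serialized Origin against the Access-Control-Allow-Origin value, versus a parsed comparison that tolerates the three differences listed above (scheme case, host case, explicit default port). The function names are illustrative only.

    from urllib.parse import urlsplit

    DEFAULT_PORTS = {"http": 80, "https": 443}

    def origins_match_strict(sent_origin, allow_origin_header):
        # Byte-for-byte comparison of the string the UA sent as Origin
        # against the value the server echoed back.
        return sent_origin == allow_origin_header

    def origins_match_parsed(url_a, url_b):
        # Parse both values as URLs and compare (scheme, host, port), so
        # e.g. HTTP://Example.Org:80 and http://example.org compare equal.
        def origin(value):
            parts = urlsplit(value)
            scheme = parts.scheme.lower()
            host = (parts.hostname or "").lower()
            port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
            return (scheme, host, port)
        return origin(url_a) == origin(url_b)

Either check can be implemented soundly; the disagreement above is about which failure mode is easier for authors and implementors to reason about.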
[16:23:00.0000] if two strings parsed into urls are considered same-origin in one UA but not in another we're already in the same trouble that would happen here [16:23:01.0000] this controls the ability for any random site to transfer all my money out of my bank account [16:23:02.0000] I don't think URL canonicalization is risky [16:23:03.0000] it's FAR more important than, say, whether i can type a URL safely in the address bar [16:23:04.0000] I think having different definitions of same-origin is more risky [16:23:05.0000] i agree with maciej [16:23:06.0000] Hixie, so does the same-origin-url-comparison code that checks if cross-frame-scripting is allowed [16:24:00.0000] Hixie: the upshot of what I'm saying is that Access-Control defining same-origin differently is arguably bad [16:24:01.0000] othermaciej: this isn't defining same-origin differently [16:24:02.0000] since other same-origin checks canonicalize [16:25:00.0000] othermaciej: it's serialising the origin, and then comparing it to someone else's attempt at doing the same thing [16:25:01.0000] I guess you could see it that way [16:25:02.0000] origin comparisons aren't url comparisons, they're the same thing as here, except without serialising the origin, just holding it as a tuple [16:25:03.0000] so for what it's worth, IE does have a different concept of what is same-origin than everyone else [16:26:00.0000] they don't consider ports to be part of the origin [16:26:01.0000] (they could as easily be done by serialising, except for the unique ID case) [16:26:02.0000] anyway [16:26:03.0000] apparently they do for same-site XHR starting with IE7, but nowhere else [16:26:04.0000] i'm not the editor of the AC spec, so i'm not the one you have to convince :-) [16:28:00.0000] anne has said he'll follow what websockets do [16:28:01.0000] though technically speaking it's not up to the editor but the group as a whole [16:28:02.0000] i'd just rather it not get to that of course [16:29:00.0000] well technically it's up to Tim [16:29:01.0000] but sure [16:29:02.0000] this is far too unimportant to raise to a vote even [16:29:03.0000] imho [16:29:04.0000] i just don't see any advantages to the current behavior [16:29:05.0000] hsivonen: When using your HTML2XML, any spaces in attributes get turned into \x20\xEF\xBF\xBD (or whatever that is in UTF-8), which seems kind of weird and undesired [16:30:00.0000] sicking: so where do you stand on WebSocket-Location? [16:30:01.0000] Hixie, what is that? [16:31:00.0000] should that be parsed and components recompared too? [16:31:01.0000] yeah, in general i think that when we compare url-like things, we should compare them as urls [16:31:02.0000] cripes that makes things a lot more complicated for websocket [16:32:00.0000] so should relative URLs here be resolved ? [16:32:01.0000] i don't know anything about websockets [16:32:02.0000] how should I handle IDN/punycode? [16:32:03.0000] i was just told they had something similar to Access-Control-Allow-Origin [16:33:00.0000] another reason to not do URL comparison is that we might not always be dealing with URLs, e.g.
if bz gets his way and we serialise the unique ID origins too [16:33:01.0000] so IDN is a good point actually [16:34:00.0000] for WebSocket I really fear the mess that will occur if we start reparsing the output from the server [16:34:01.0000] the whole point is that we want to make the handshake as hard as possible to fake [16:34:02.0000] i don't know if www.Å.com is the same as www.å.com [16:34:03.0000] (not sure if that comes out correct, should be uppercase a-ring vs lowercase a-ring) [16:35:00.0000] if the web in general consider those same-origin [16:35:01.0000] but string comparison wouldn't, that seems bad [16:35:02.0000] string comparison compares the ASCII serialisation [16:35:03.0000] so you would compare the punycode version [16:35:04.0000] you can't send non-ASCII over HTTP [16:35:05.0000] HTTP doesn't define an encoding beyond ASCII iirc [16:36:00.0000] are the punycode of the two the same? [16:39:00.0000] no idea, but that's not our problem at that point [16:41:00.0000] well, it sort of is if string-comparison results in different behavior than url comparison [16:43:00.0000] how can it result in different behaviour? [16:43:01.0000] /me ponders [16:45:00.0000] so if the requesting page is www.å.com [16:46:00.0000] actually, looks like they produce the same punycode 2008-10-03 [17:23:00.0000] Hixie, so what are the features of websockets that you are concerned about changing? [17:24:00.0000] the handshake [17:24:01.0000] specifically the processing of websocket-origin and websocket-location [21:13:00.0000] Hixie: are you about? [21:13:01.0000] vaguely [21:15:00.0000] Hixie: there's a new (highres and otherwise improved) timer API being discussed on webkit-dev - should I propose it for HTML5 or as a standalone spec in Web Apps WG? [21:16:00.0000] webapps [21:16:01.0000] i have an editor lined up for it [21:16:02.0000] wow [21:17:00.0000] I might even be able to edit or co-edit myself. [21:17:01.0000] it seems pretty simple [21:17:02.0000] only complexity is that it kind of conceptually ties into HTML5's event loop [21:18:00.0000] afk, bbiab [21:19:00.0000] later [22:35:00.0000] http://www.w3.org/2001/tag/2008/09/23-minutes.html -- the tag appears to be so far removed from what we're trying to do here that our meeting at the tpac ought to be quite interesting [23:59:00.0000] Hixie: reading that belatedly... I see what you mean [00:03:00.0000] how does one run for TAG? 
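(Back on the punycode question from that exchange: a quick check with Python's built-in idna codec, which does the IDNA2003 ToASCII step including nameprep case-folding, suggests why the ASCII comparison still works out; this is just an illustration, not anything normative.)

    # U+00C5 (Å) and U+00E5 (å): ToASCII case-folds during nameprep, so both
    # spellings should serialise to the same ASCII host before hitting the wire.
    upper = 'www.\u00c5.com'.encode('idna')
    lower = 'www.\u00e5.com'.encode('idna')
    print(upper == lower)   # True: same punycode, so string comparison still matches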
[00:03:01.0000] I wonder how much I would hate that [00:06:00.0000] othermaciej: an AC rep has to nominate you and you have to be picked [00:07:00.0000] it was mentioned that there are "elected" members in those minutes [00:07:01.0000] someone offered to nominate me once [00:07:02.0000] i told them in no uncertain terms not to bother [00:07:03.0000] 5 selected by the AC [00:07:04.0000] er [00:08:00.0000] elected [00:08:01.0000] 3 nominated by director [00:08:02.0000] I'm wondering if having someone there with a real-world relationship to the web would help [00:08:03.0000] probably not worth it [00:09:00.0000] you have to ask: what is the purpose of the tag [00:09:01.0000] what effect can it have on the web [00:09:02.0000] "stewardship of the Web architecture" [00:09:03.0000] o_O [00:09:04.0000] I guess participating in a group where my goal would be preventing damage rather than contributing something positive would be a waste of time [00:12:00.0000] reading the process document makes me wince [00:12:01.0000] it's not clear to me that the TAG has ever caused harm, other than a few cases where people for some reason felt compelled to somehow change the tag's mind (usually fruitlessly, and later just ignoring them instead) [00:12:02.0000] so much silly process and bureaucracy, which is then ignored when inconvenient [00:15:00.0000] (and then the harm was just wasting time) [00:17:00.0000] they rarely have managed to get up the energy to waste major amounts of time [00:20:00.0000] are those TAG minutes meant to become public? [00:24:00.0000] I think so... [00:37:00.0000] why would they not be? [01:22:00.0000] Hixie: they aren't public now. but I guess that's just a review period thing [01:28:00.0000] i wish people would get over this secrecy nonsense [01:29:00.0000] the people who'd be most offended or advantaged by knowing the secret stuff that might get removed already have access... [01:29:01.0000] i know [01:29:02.0000] that's what boggles my mind [01:34:00.0000] Hixie: I see you didn't address my pending feedback about line breaks in input type=text. should I start sending comments on the form stuff or assume that there's still pending feedback for stuff that has been migrated to html5 spec? [01:34:01.0000] i haven't replied to a single WF2 e-mail yet [01:34:02.0000] ok [01:34:03.0000] i'd hold back if you have feedback that i haven't yet dealt with [01:34:04.0000] ok [01:35:00.0000] i'm only about half-done on WF2 integration so far [01:35:01.0000] it's proving at least as hard as i imagined it would [01:36:00.0000] only one more type="" to do! [01:36:01.0000] type=image [01:40:00.0000] I'm glad to see that the CSS WG said no to versioning syntax: http://www.w3.org/mid/48E4132F.9060201⊙in [01:41:00.0000] css is where i first realised the value of no versioning [02:06:00.0000] the specialness of lang&xml:lang continues to result in insane amounts of code... :-( [02:12:00.0000] more code than prose?
[02:12:01.0000] Hixie: more code [02:13:00.0000] Hixie: in the Java version of the parser, I want to have a non-browser sanity mode that magically turns lang on HTML elements to xml:lang in the infoset [02:14:00.0000] Hixie: but in the C++ version, I don't want to pay the memory footprint that the feature would take if latent [02:14:01.0000] (and in the Java version not paying for it as RAM footprint would make the code slower) [02:15:00.0000] on top of that, there are all sorts of checks on the validation layer [02:15:01.0000] morning laddies [02:15:02.0000] different ones for HTML and XHTML [02:15:03.0000] sounds like a pain [02:15:04.0000] i recommend not supporting xhtml. :-D [02:15:05.0000] (only kidding) [02:16:00.0000] If I could go back in time, I'd ask the definers of XML to get rid of the xml: stuff and to grandfather lang and id. (and zap xml:space) [02:16:01.0000] you'd be ignored like everyone who _did_ ask them to do so [02:17:00.0000] at least I had the foresight to arrange my data structures so that I can just clip my arrays by one element when generating the C++ version [02:22:00.0000] I wonder what would break if we defined lang in HTML to become an attribute whose local name and qualified name are "lang" but the namespace is the XML namespace [02:23:00.0000] on HTML nodes, that is [02:23:01.0000] not on SVG and MathML nodes [02:25:00.0000] getAttribute('lang'), for one, if i understand you right [02:26:00.0000] also you'd still have a syntax issue, except now lang="" in HTML would be equal to xml:lang="" in XML and lang="" in XML and xml:lang="" in HTML would both be null-namespace attributes with no semantics, leading to no end of extra confusion [02:26:01.0000] Hixie: why? it matches on qualified name, which would be "lang" [02:26:02.0000] i thought it matches on name + namespace=null [02:26:03.0000] IIRC, no [02:26:04.0000] so how are clashes resolved? [02:26:05.0000] oh, qname [02:27:00.0000] man that would be so confusing [02:27:01.0000] Hixie: however, it would break setAttribute("lang", 'en') [02:27:02.0000] unless setAttribute were made magic [02:27:03.0000] i don't care about lang enough to do this [02:27:04.0000] :-) [02:29:00.0000] well, in general, namespaces result in an insane amount of code that doesn't do anything useful but has to be there for correctness and compat [02:29:01.0000] yes [04:29:00.0000] why is multiple file upload missing? multiple file upload is crucial [04:50:00.0000] /me now has a streaming HTML-to-XHTML web service, but it takes about 6.5 seconds to convert the 3MB HTML5 spec, which is better than html5lib but not great :-( [04:51:00.0000] (It's CPU-bound now, and I can't think of any obvious ways to improve it that don't involve getting a faster CPU) [04:53:00.0000] do you use Validator.nu? [04:53:01.0000] yoyo annevk2 [04:53:02.0000] I use its parser and serialiser [04:54:00.0000] olliej, hey [04:54:01.0000] /me should really go to work; woke up midday due to jetlag [04:57:00.0000] annevk2: wow, you need an excuse for that? [04:57:01.0000] /me got to work at 2 today [04:58:00.0000] Philip`: HTML-to-XHTML ? why ? [04:58:01.0000] erlehmann: Because takkaria is slow ;) [04:59:00.0000] (or rather because html5lib is slow and the validator.nu parser doesn't have a way of binding to python and takkaria doesn't have a stable hubbub release yet) [04:59:01.0000] ???
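(On the getAttribute() question in the lang/xml:lang exchange above, a quick sanity check with Python's minidom, purely to illustrate the DOM lookup rules being described rather than any of the parsers mentioned:)

    from xml.dom import minidom, XML_NAMESPACE

    doc = minidom.parseString('<p xml:lang="en">hi</p>')
    p = doc.documentElement

    # getAttribute() matches on the qualified name, not on (null namespace, local name):
    print(p.getAttribute('xml:lang'))               # 'en'
    print(repr(p.getAttribute('lang')))             # '' -- no match on the bare local name
    print(p.getAttributeNS(XML_NAMESPACE, 'lang'))  # 'en' -- the namespace-aware lookup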
[05:00:00.0000] jgraham: we're working on that (slowly) [05:00:01.0000] Which means that parsing html in python is slow whereas parsing xml is fast [05:01:00.0000] So html->xml using validator.nu followed by xml parsing in python might be faster than html5lib [05:02:00.0000] yay [05:02:01.0000] jmb: I was being tongue in cheek about blaming you :) Although I am very much looking forward to hubbub [05:02:02.0000] erlehmann: What jgraham said :-) [05:02:03.0000] jgraham: aye [05:06:00.0000] olliej, well, usually when I'm in Oslo I try to work 10-6 since I'm not here that often and most people work those hours [05:06:01.0000] annevk2: it's 4am and i'm still alive [05:06:02.0000] s/alive/at the office ;) [05:07:00.0000] ouch [05:07:01.0000] also, friday beer and general shutdown today is at 5PM [05:07:02.0000] annevk2: ah [05:07:03.0000] annevk2: i've just been trapped in MSVC hell [05:07:04.0000] anyway, got to go [05:15:00.0000] Philip`: what was the problem with HTML2XML and escapes? [05:16:00.0000] whoa! [05:16:01.0000] that's a weird bug [05:21:00.0000] just a break statement missing [05:22:00.0000] I'm amazed the bug was there for so long without getting noticed [05:23:00.0000] Philip`: fixed in SVN [05:24:00.0000] Philip`: thanks [05:25:00.0000] well, it didn't render output ill-formed, so I guess an XML serializer can do something very bogus and still not get caught by an XML parser [05:25:01.0000] so now Philip` has found a bug in my XML serializer but still not a bug causing ill-formedness :-) [05:38:00.0000] the spec even says "There must be no more than one file in the list of selected files." :/ [05:44:00.0000] Philip`: javadocs about default policy also fixed in SVN. thanks [05:46:00.0000] Hixie, fwiw, I agree with you on string comparison; also note that it's not exactly a same origin check as you need an additional check for the path component which sicking neglected to mention [05:47:00.0000] maybe s/neglected/forgot/ [05:48:00.0000] (that is, making sure the path component is not specified at all so that Access-Control-Allow-Origin: http://example.com/ fails) [06:06:00.0000] hsivonen: If your criterion is limited to ill-formedness bugs and doesn't count other bugs, then the implementation is trivial, since you could write "String serialize(Document doc) { return ""; }" and it would never be ill-formed :-) [06:08:00.0000] hsivonen: Is there an easy way I can compile a new htmlparser-....jar with the fixed code? [06:10:00.0000] Philip`: no. I'll build a new jar. [06:33:00.0000] Philip`: new version released: http://about.validator.nu/htmlparser/ [06:34:00.0000] (wow. now I've actually had to make a new release because of an XML serializer bug Philip` found...) [06:34:01.0000] is there some way to instantiate Validator.nu and get a Python-bound libxml tree as output? [06:36:00.0000] annevk2: locally, you can invoke java -cp htmlparser-1.1.1.jar nu.validator.htmlparser.tools.HTML2XML and pipe the input HTML to it, pipe the XML out and parse it with libxml in Python [06:37:00.0000] it seems that DreamHost has JDK so it might be worth looking into that [06:37:01.0000] hopefully later you could use the C++ translator with a type mapper that maps to the Python C API types instead of NSPR/XPCOM types [06:37:02.0000] for Anolis, that is [06:38:00.0000] annevk2: Didn't Philip` just make a network service that is equivalent to HTML2XML?
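The invocation hsivonen describes can be wired up from (modern) Python roughly like this; a sketch only, assuming htmlparser-1.1.1.jar is in the working directory, lxml is installed, and HTML2XML reads HTML on stdin and writes XML on stdout as described above:

    import subprocess
    from lxml import etree

    def html_to_lxml(html_bytes):
        # pipe the HTML through the Validator.nu HTML2XML tool, then parse the
        # resulting XHTML with lxml, which is fast on the Python side
        proc = subprocess.run(
            ['java', '-cp', 'htmlparser-1.1.1.jar',
             'nu.validator.htmlparser.tools.HTML2XML'],
            input=html_bytes, stdout=subprocess.PIPE, check=True)
        return etree.fromstring(proc.stdout)

    # hypothetical local copy of the spec source
    with open('source-whatwg', 'rb') as f:
        tree = html_to_lxml(f.read())
    print(tree.tag)   # root element, in the XHTML namespace if all went well

Keeping the JVM process around (or running the little Jetty wrapper mentioned below) avoids paying the JVM startup cost on every conversion.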
[06:38:01.0000] (and that saves the JVM startup overhead) [06:39:00.0000] it does involve downloading 3MB in case of HTML5 [06:39:01.0000] twice [06:39:02.0000] good point [06:39:03.0000] hsivonen: Thanks! [06:39:04.0000] annevk2: You really don't want to start up a new JVM each time you want to parse a document [06:39:05.0000] though maybe Philip` is working on Anolis now in which case I don't have to :) [06:40:00.0000] you could also try compiling nu.validator.htmlparser.tools.HTML2XML with GCJ to avoid the JVM overhead [06:40:01.0000] but you could run the web service thing (which is just a trivial wrapper around Jetty and the parser/serialiser) locally [06:41:00.0000] Philip`: on dreamhost, doing so requires dreamhost PS [06:41:01.0000] Philip`: not allowed on regular accounts [06:41:02.0000] hsivonen: Oh, that could be a problem [06:41:03.0000] annevk2: It's much less than 3MB if you compress it :-) [06:41:04.0000] but then it'll get CPU-bound more easily [06:42:00.0000] why would the JVM not be on by default btw? [06:42:01.0000] Without compression, it takes about 6 seconds (on my very limited CPU) which is 500KB/s which isn't really much [06:43:00.0000] so you shouldn't really need to worry about bandwidth usage [06:43:01.0000] annevk2: IIRC, Dreamhost default accounts allow you to run Java programs by default but you aren't allowed to leave the processes sitting in the RAM [06:44:00.0000] and leaving the process waiting is the whole point of avoiding the JVM startup overhead [06:44:01.0000] (Hmm, 25% of the runtime is in sun.nio.cs.UTF_8$Encoder.encodeArrayLoop) [06:45:00.0000] Philip`: do you have ICU4J in classpath? [06:45:01.0000] ok, Java support indeed there [06:45:02.0000] There's the HotSpot overhead too, since it's really slow the first time you try to pass a document through the process [06:45:03.0000] hsivonen: Hmm... No [06:45:04.0000] but I suppose I can use the service from Philip` [06:45:05.0000] Philip`: just wondering if the IBM UTF-8 impl is any faster [06:46:00.0000] /me wonders how many distributed moving parts the spec generation now has... [06:46:01.0000] but is Validator.nu much faster than the libxml HTML parser? that's currently being used and already it's slow :/ [06:47:00.0000] hsivonen: It still says it's spending lots of time in sun.nio.cs.UTF_8$Encoder.encodeArrayLoop [06:47:01.0000] Philip`: ok. I guess it's not picking up the ICU4J code automatically :-( [06:47:02.0000] I presume it is actually using ICU4J now, since it's got some calls to com.ibm.icu.charset.UConverterDataReader.readMBCSTable too [06:48:00.0000] Philip`: from the name, that looks like a static method that runs on initial class loading [06:48:01.0000] hsivonen: Oh, okay [06:49:00.0000] annevk2: I haven't benchmarked the Validator.nu parser against libxml2 [06:56:00.0000] annevk2: On my computer, parsing/reserialising the spec with libxml2 (via a Python script) takes about 0.55 seconds and with validator.nu (via (local) HTTP) takes about 0.75 seconds [06:58:00.0000] so it won't go faster [06:58:01.0000] but since libxml2 html can't be used... [07:00:00.0000] If the UTF-8 encoding took zero time then it'd be faster than libxml2 :-) [07:01:00.0000] I should also figure out how to make Python run faster on DreamHost [07:13:00.0000] hsivonen: http://about.validator.nu/htmlparser/ - "Fixed JavaDocs about XML violatation policy defaults." - s/violatation/violation/ [07:14:00.0000] Philip`: thanks. fixed [09:18:00.0000] id=draft-recommendation-—-date:-01-jan-1901 — that really isn't nice. 
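For what it's worth, that id is just what falls out when a boilerplate heading along the lines of "Draft Recommendation — date: 01 Jan 1901" gets slugified wholesale; a toy version of that kind of id generation (not Anolis's actual algorithm) shows the problem:

    import re

    def heading_to_id(text):
        # lowercase the heading and collapse runs of whitespace into hyphens
        return re.sub(r'\s+', '-', text.strip().lower())

    print(heading_to_id('Draft Recommendation — date: 01 Jan 1901'))
    # -> draft-recommendation-—-date:-01-jan-1901
    # ...and because the date is part of the heading, the id changes on every
    # new publication date.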
[09:19:00.0000] do IDs after dates? [09:20:00.0000] Why does it need an id at all? [09:20:01.0000] Philip`: Currently all headers get ids [09:21:00.0000] annevk2: Then it changes every time the date changes [09:21:01.0000] gsnedders: Why? It seems pointless if nothing is linking to it [09:21:02.0000] /me can't remember [09:21:03.0000] There was a reason [09:22:00.0000] and for the headings where you might actually want to externally link to, like the status and abstract, they already have explicit non-auto-generated id values in the source [09:22:01.0000] Yeah, that isn't changed. [10:02:00.0000] why does XHTML 5 not attempt to provide a replacement for the modularization scheme defined and used by XHTML 1.1 ? [10:03:00.0000] erlehmann: Because the people developing XHTML 5 do not see any value in defining a modularisation scheme, as far as I'm aware [10:04:00.0000] (No value to the web, in particular) [10:04:01.0000] Philip`: i used the modularisation to allow specific XHTML tags in comments. [10:04:02.0000] erlehmann: couldn't you have done that with a monolithic schema by deleting stuff from it? [10:05:00.0000] erlehmann: Why does modularisation help, rather than just you writing a list of the elements and attributes you want to permit? [10:05:01.0000] yeah, but i'd have to write the DTDs myself ;) [10:05:02.0000] erlehmann: what happens when you and the XHTML2 WG disagree on the grouping of elements? [10:06:00.0000] hsivonen: they'll probably win [10:06:01.0000] erlehmann: have you ever wanted to allow one but disallow another element within one module (as defined by the XHTML 2 WG)? [10:06:02.0000] i'm no match for the internet alite [10:06:03.0000] no. [10:17:00.0000] BenMillard: 3:19.594, with a large mistake going into the Porsche Curves on RM/RM [11:14:00.0000] Why does no normal web server with reverse proxying cope with streaming transfers? :-( [11:15:00.0000] All I want it to do is redirect the request to another server, and redirect the response back, without buffering everything in the middle [11:16:00.0000] (If I remember correctly, Apache and Lighttpd buffer the whole response, and Nginx also buffers the whole request) [13:20:00.0000] Aha, Squid does reverse proxying properly [13:20:01.0000] though it only supports HTTP 1.0 [13:21:00.0000] so if I use curl with default options then it gets an error message, because curl tries sending Expect: 100-continue which Squid doesn't like [13:22:00.0000] HTTP is so nice [13:26:00.0000] annevk2: i want to do multiple file uploads with something other than min/max [13:47:00.0000] Hixie: what were you thinking about besides min/max? [13:47:01.0000] /me is about to implement multiple file uploads [13:50:00.0000] i dunno [13:50:01.0000] count="" or something maybe [13:50:02.0000] or multiple="" [13:51:00.0000] like on or something, and now your site is making use of HTML 5 [16:32:01.0000] erlehmann: hsivonen did a good job summarizing the history of the "HTML is SGML" confusion in his master's thesis: http://hsivonen.iki.fi/thesis/html5-conformance-checker#history [16:32:02.0000] erlehmann: (Migration to XHTML is far harder, because there are hundreds of obscure corner cases you have to cope with, and nobody ever gets them all right) [16:33:00.0000] Philip`: if i really want to be semantic, it could be a tedious task replacing all the
    s with
    ,