Re: Is this use of BASE kosher?

Lou Montulli (montulli@mozilla.com)
Fri, 4 Aug 95 15:30:28 EDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dave Hollander: "Re: Is this use of BASE kosher?"
Previous message: Jonsm@aol.com: "Re: tables-00.txt, min column width"
Maybe in reply to: Peter K. Sheerin: "Is this use of BASE kosher?"
Next in thread: Dave Hollander: "Re: Is this use of BASE kosher?"

In article <9508041145.AA13604@plato.ansa.co.uk> Owen Rees <rtor@ansa.co.uk>
wrote:
>
>
> The options seem to be:
> 1) BASE is only for resolving relative URLs, it may be a URI for a
> different resource.
> 2) BASE must be a URI for this document

2 can not be used because it opens up serious security concerns.

You can't get a document from one source and then inform the
user that it is from someplace completely different. Since
users rely on the URI to tell them where the document comes from
this usage of BASE will lead users to believe things that are
not true.

>
> In case 1, the comment in the DTD would also need to be changed to
> something like:
>
> 

This was the original reason BASE was created, I was there when
it happened.

>
>
> My preference is for case 2; the effect of case 1 can be achieved by
> using only absolute URLs and omitting BASE.
>
The main reason for having BASE is so that you can
append it to the top of a document and mail it around.
Upon receipt of the mailed document the relative URL's within it
can be resolved.

:lou

-- 
Lou Montulli                 http://www.mcom.com/people/montulli/
       Netscape Communications Corp.

Next message: Dave Hollander: "Re: Is this use of BASE kosher?"
Previous message: Jonsm@aol.com: "Re: tables-00.txt, min column width"
Maybe in reply to: Peter K. Sheerin: "Is this use of BASE kosher?"
Next in thread: Dave Hollander: "Re: Is this use of BASE kosher?"