First, (2) is phrased strangely. What does it mean for a something to
"be a URI for a document"? A document is a sequence of characters.
It makes more sense to say that a document is a representation of
a resource named by a URI.
And when some document X contains <base href="uri-x"> then yes, that's
an assertion that document X is a representation of the resource
identified by uri-x.
It's also a request to cite this resource using uri-x. Now...
should that request be honored? I think so.
>2 can not be used because it opens up serious security concerns.
>
>You can't get a document from one source and then inform the
>user that it is from someplace completely different.
How is this different from an HTTP URI: header? Yes, folks can
lie. Unless you've got authentication, you pretty much have to trust
folks -- and realize that you'd better not rely too heavily on
unathenticated information.
> Since
>users rely on the URI to tell them where the document comes from
>this usage of BASE will lead users to believe things that are
>not true.
Any user who thinks that the base URI is where the document came
from is just mistaken, if you ask me.
Displaying the URL given in a <base> tag, rather than the one used to
fetch the document will lead the user to believe that the author wants
the document cited by that <Base> address, which is the truth, no?
In general, users shouldn't bet too much on info they get from the
net. In particular, if a document comes from one host, but it's
<base> tag gives a different host, what's the harm?
Dan