principles - Dave's Blog


draft-ietf-websec-origin-01 - The Web Origin Concept

2011 Jun 21, 1:22

"This document defines the concept of an "origin", which is often used
as the scope of authority or privilege by user agents. Typically,
user agents isolate content retrieved from different origins to
prevent malicious web site operators from interfering with the
operation of benign web sites. In addition to outlining the
principles that underlie the origin concept, this document defines how
to determine the origin of a URI, how to serialize an origin into a
string, and an HTTP header, named "Origin", that indicates which
origins are associated with an HTTP request."

Tags: ietf reference technical web browser user-agent webbrowser origin

Client-side Cross-domain Security

2010 Mar 31, 7:54

"Summary: Exploring cross-domain threats and use cases, security principles for cross-origin requests, and finally, weighing the risks for developers to enhance cross-domain access from web applications running in the browser."

Tags: technical msdn microsoft security xss XMLHttpRequest web browser

Thought Experiments and Design Principles

2010 Jan 29, 3:54

Raymond Chen has some thought experiments useful for discovering various kinds of stupidity in software design:

Tim Berners-Lee's principles of Web design include my favorite: the Test of Independent Invention. This is a thought experiment involving the construction of the MMM (Multi-Media Mesh) with MRIs (Media Resource Identifiers) and MMTP (Multi-Media Transport Protocol).

The Internet design principles (RFC 1958) include the Robustness Principle: be strict when sending and tolerant when receiving. A good one, but applied too liberally it can lead to interop issues. For instance, consider web browsers. Imagine one browser becomes so popular that web devs create web pages and test them only in this popular browser. They don't ensure their pages conform to standards, and they accidentally end up depending on the manner in which this popular browser tolerantly accepts non-standard input. This non-standard behavior ends up as a de facto standard, and future updates to the standard have essentially had their decisions made for them.

Tags: technical design principles software development

Internet Architectural Principles: reading

2009 Sep 10, 10:26

"Here’s the reading list for an upcoming session of Scott Bradner’s class on Internet Architectural Principles"

Tags: reference internet history architecture todo technical

YouTube - Principles of economics, translated

2008 May 16, 5:07

'"Mankiw's 10 principles of economics, translated for the uninitiated", by Yoram Bauman'

Tags: via:swannman economics humor video youtube

IEBlog : Microsoft's Interoperability Principles and IE8

2008 Mar 3, 3:24

Actually, we're going to default to the new super standards mode after all. Didn't see that coming -- did ya?

Tags: html ie ie8 microsoft internet browser standards blog

The Evolution of a specification -- Commentary on Web architecture

2007 Oct 3, 10:21

Tim Berners-Lee writes about principles for new technology in the context of the evolution of HTML and the development of namespaces and XML.

Tags: architecture article tim-berners-lee w3c internet history evolution html namespace xml web mmm multimedia-mesh humor test-of-independent-invention

Creative Commons License. Some rights reserved.