Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
persistenturls
Home
+ new post
About this group
Join this group
Message from discussion Please allow access to PURLs from JS
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Young,Jeff (OR)  
View profile  
 More options Oct 25 2010, 12:11 pm
From: "Young,Jeff (OR)" <jyo...@oclc.org>
Date: Mon, 25 Oct 2010 12:11:04 -0400
Local: Mon, Oct 25 2010 12:11 pm
Subject: RE: Please allow access to PURLs from JS
Print | View thread | Show original | Report this message | Find messages by this author
Nathan,

The Cross-Origin Resource Sharing specification appears to be on the
bleeding edge (23 Sept 2010) and is currently in "Editor's Draft"
status. It's not clear (to me at least) that setting this header blindly
for all PURL responses is appropriate. These "same-origin restrictions"
that CORS is trying to sidestep are presumably there for a reason.

Even if blindly setting this header does make sense, my naive impression
is that NetKernel requires HTTP response headers to be implemented in
code rather than configuration. I think purl.org needs to beware of
customizing PURLZ code because preserving and test changes across PURLZ
distribution updates is non-trivial. If it makes sense to set this
header, I'm inclined to believe it needs to be part of a future PURLZ
distribution.

Jeff

> -----Original Message-----
> From: persistenturls@googlegroups.com
> [mailto:persistenturls@googlegroups.com] On Behalf Of nathan
> Sent: Friday, October 22, 2010 8:45 PM
> To: persistenturls
> Subject: Please allow access to PURLs from JS

> Hi,

> Currently all PURLs (on purl.org) do not expose headers which allow
> client side access from javascript, they are currently all blocked by
> CORS [1].

> Allowing access is as simple as adding a single HTTP Response Header -
> 'Access-Control-Allow-Origin "*"'

> End resources will also have to expose this header, however at the
> moment purl.org is blocking access to js regardless of whether the end
> resource is exposed or not.

> Is there anybody here who can make this change, if not, to who do I
> speak?

> Best & TIA,

> Nathan

> [1] http://dev.w3.org/2006/waf/access-control/


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google