[whatwg] HTTP Forms extension specification

Cameron Jones cmhjones at gmail.com
Tue Oct 15 09:20:15 PDT 2013


On Mon, Oct 14, 2013 at 9:04 PM, Ian Hickson <ian at hixie.ch> wrote:

> On Thu, 21 Feb 2013, Cameron Jones wrote:
> >
> > http://cameronjones.github.com/form-http-extensions/index.html
>
> On Fri, 22 Feb 2013, Cameron Jones wrote:
> >
> > The motivations are the same which support declarative over imperative
> > programming, access to the HTTP protocol methods and headers (ETags,
> > versioning), greater flexibility over payload binding and the ability to
> > avoid using cookies for session continuation.
>
> Can you elaborate? What are the end-user use cases that this proposal
> would enable, that are not possible today?
>

The direct enabler for the end-user is the ability to interact with web
sites under the guarantees of HTTP method semantics without the need for
them to be using a Javascript-enabled browser.

The HTTP idempotent methods (PUT, DELETE) guarantee that that multiple
identical requests should have the same effect as a single request.

This alleviates the end-user from potentially executing multiple requests
either from hitting 'refresh' or the 'back button' when such requests would
have unintended consequences.

The ability to set request headers (also without JS) provides a universal
method for employing session continuation and request verification through
the application of 'capability-based security' tokens as HTTP headers. This
can be applied for GET requests without polluting URL queries.

The use of HTML declarations, as opposed to Javascript imperative
statements, provides the structure of a website for static generation and
analysis. Web crawlers, screen readers and other HTML tools will have the
ability to read, validate or otherwise process the site which would
otherwise be effectively impossible if required to define the structure in
imperative form.

The extension specification also includes the ability to declare HTTP
authentication forms, and the ability to 'logout' and clear the
authentication cache. In lieu of a Javascript interface, this provides the
only ability of this functionality.

Thanks,
Cameron Jones



More information about the whatwg mailing list