SAMP doc revision

Mark Taylor m.b.taylor at bristol.ac.uk
Fri Nov 18 04:16:34 PST 2011


Hi all,

Following discussions at Pune and some further thought of mine 
I've made another revision to the SAMP 1.3 draft, which I now hope
to submit as a Proposed Recommendation.

The main changes are to the discussion of Security - I've reworked
the section on Web Profile security (again) and added new separate
sections on security in general and also moved the discussion of
Standard Profile security to its own section for consistency.

The recommendations in the Web Profile security section have changed
a bit; it's now recommended that implementations consider restricting
the behaviour permitted to Web Profile clients in terms of both
the MTypes they are allowed to send and the URLs they are allowed
to translate.  I am (finally) confident that along with the registration
restrictions this delivers a solution with adequate protection for
users against potentially hostile Web SAMP clients.

Please take a look and post any comments to the list or to me.
If there's no disagreement, I plan to submit this PR near the end
of next week (25 Nov).

The text is in volute as usual
(http://code.google.com/p/volute/source/browse/trunk/projects/samp/doc/samp.tex)
If you want a built copy you can find one at
ftp://andromeda.star.bris.ac.uk/pub/star/sampdoc/

Mark

--
Mark Taylor   Astronomical Programmer   Physics, Bristol University, UK
m.b.taylor at bris.ac.uk +44-117-928-8776 http://www.star.bris.ac.uk/~mbt/


More information about the apps-samp mailing list