-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add notes to the safelisted schemes list #7678
base: main
Are you sure you want to change the base?
Conversation
I am listed at a contributor for HCL in the latest version of this doc |
The IANA registration says
which seems somewhat concerning as this would end up exposing it on the public internet. Can that be addressed first? |
The provisional scheme had been a placeholder that was transferred to myself and HCL on last update. I will respond back once that update has been made. |
The provisional scheme for notes has been updated. The security section in the draft is as follows... "6. Security Considerations All operations initiated as a result of locating and viewing a @annevk Please let me know if this update is sufficient to address your original concern. |
I'm not really sure how to read that or how it makes sense if a |
At least two implementers are interested (and none opposed):
Tests are written and can be reviewed and commented upon at: Implementation bugs are filed: |
To clarify on that comment, there is a local application, HCL Notes that can and does handle the notes scheme. For completeness, this was included, but does not require a change to the HTML spec, nor to browser. There is also a web based app, HCL Nomad for web, which is a single page application/PWA that could handle the notes scheme, but cannot at the moment due to the notes scheme note being on the HTML whitelist nor allowed by the major browsers as a result. |
In terms of participation, I am a member of HCL-TECH-SOFTWARE as a public member. And HCL-TECH-SOFTWARE has signed on for participation in this doc |
At least two implementers are interested (and none opposed): Chrome is interested Tests are written and can be reviewed and commented upon at: Implementation bugs are filed: |
@annevk This seems to have stalled. What would it take to keep it moving? |
@annevk Any chance of moving this forward? |
The notes scheme is currently being documented and finalized at 1
The primary goal of the 'notes' URI is to view or edit a resource. Typically, a 'notes' URI would be encountered in MIME Email which contains links to other applications and/or documents residing on Domino server(s). A 'notes' URI can also be used with operating system clipboard operations to share a link with a native application or a browser application. When a 'notes' URI is clicked, a local installation of an application that supports the protocol will be launched and the resource will be located and shown. A local application can either be a native application, HCL Notes, or could be a browser application, Nomad for Web, which is delivered as a progressive web application (PWA).
The intent of the notes scheme is to allow the Nomad for web PWA to handle the notes scheme by being safelisted.
This commit adds the provisional notes scheme, as provisionally registered at 2
The notes protocol is being used by millions of users.
/acknowledgements.html ( diff )
/system-state.html ( diff )