bug-librejs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Allow specifying the license with an HTTP header

From: Julius Schwartzenberg
Subject: Re: Allow specifying the license with an HTTP header
Date: Fri, 2 Oct 2020 21:20:06 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Icedove/68.9.0 
On 01-10-2020 18:00, John Scott wrote:

On Wednesday, September 30, 2020 4:14:51 PM EDT Julius Schwartzenberg wrote:

What do you think of these ideas?


I think a more generalized method may be warranted. How does/should LibreJS
handle WebAssembly, for example?

I'm glad to hear your idea, and it could be good for CMS systems that would
otherwise be hard to tweak. A con of having that information in the transport
instead of the file is copies and mirrors will lose that information.
Maybe it could be a header that points to a (relative) path with license information that could be transferred along (in case of a mirror situation)? Or having a variant for this case "content-license-location" that points to a path? 



LibreJS and friends need more than just license information though: they need
to be told where the source can actually be found. If JavaScript is minimized,
one may not be able to tell what version of the source actually corresponds.
Possibly this could be in another header? What about providing a "content-source-location". Maybe 'source' is not always the right terminology to indicate what comes down to all the ingredients necessary to generate the resulting program. 



Off-topic, but for projects conforming to the REUSE specification or already
using some other scheme it'd be bad if they had to repeat themselves. SPDX has
file tags like
SPDX-FileType: SOURCE
SPDX-FileType: BINARY

that almost get us there, but there doesn't seem to be one to specify source
location in a binary file.
A header could also be provided by the webserver if it detects presence of such information. It would relieve the burden of clients requiring all sorts of license detection mechanisms. 



How would standardization bodies respond?

I think it's good to throw ideas at the wall and see what sticks.


Yeah that's the intention :)



The license information could also be provided for downloads.

I don't know much about it, but Wget has this neat option:
--xattr turn on storage of metadata in extended file attributes

I don't know what dictionary is used for this type of metadata, but I know
some browsers and programs across platforms use it.
Maybe the use case for local storage should be separated? In many cases simply blocking non-free content from being retrieved at all would suffice. 

Thanks!
Julius
reply via email to
[Prev in Thread] Current Thread [Next in Thread]