shibayashiI wonder, if the proposed HTTP QUERY method could be used to circumvent one of the bigger issues with #Webkey #OCAP. Sending #ObjectCapabilities in the body instead of the URL would certainly help. Sadly, this will probably be another feature that is only available with JavaScript and not with HTML directly.
https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-safe-method-w-body-14
https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-safe-method-w-body-14
The HTTP QUERY Method
This specification defines the QUERY method for HTTP. A QUERY requests that the request target process the enclosed content in a safe and idempotent manner and then respond with the result of that processing. This is similar to POST requests but can be automatically repeated or restarted without concern for partial state changes.