W3C home > Mailing lists > Public > public-web-security@w3.org > November 2012

Re: CSP 1.1 DOM design

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Sun, 04 Nov 2012 20:08:32 -0500
Message-ID: <50971190.1010106@mit.edu>
To: public-web-security@w3.org
On 11/4/12 3:58 PM, Alex Russell wrote:
>      DOMString toString();

This should probably be:


instead (which in ES will produce a toString on the prototype, but is 
more clear about the point, and might do different things in other 
binding languages).

> One open issue: I'm not sure If allowsEval, allowsInlineScript, and
> allowsInlineStyle should just be boolean getters or if they should stay
> methods

I think readonly boolean attributes would make more sense here, personally.

Another thing to think about is whether reportURIs should really be an 
IDL array (which does NOT produce a JS array on the JS side, so it 
really depends on the expected use cases).

Received on Monday, 5 November 2012 01:09:00 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:20 UTC