W3C home > Mailing lists > Public > public-web-security@w3.org > November 2012

Re: CSP 1.1 DOM design

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Sun, 04 Nov 2012 20:08:32 -0500
Message-ID: <50971190.1010106@mit.edu>
To: public-web-security@w3.org
On 11/4/12 3:58 PM, Alex Russell wrote:
>      DOMString toString();

This should probably be:

   stringifier;

instead (which in ES will produce a toString on the prototype, but is 
more clear about the point, and might do different things in other 
binding languages).

> One open issue: I'm not sure If allowsEval, allowsInlineScript, and
> allowsInlineStyle should just be boolean getters or if they should stay
> methods

I think readonly boolean attributes would make more sense here, personally.

Another thing to think about is whether reportURIs should really be an 
IDL array (which does NOT produce a JS array on the JS side, so it 
really depends on the expected use cases).

-Boris
Received on Monday, 5 November 2012 01:09:00 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 5 November 2012 01:09:01 GMT