- From: Richard Barnes <notifications@github.com>
- Date: Fri, 13 Nov 2015 09:16:42 -0800
- To: heycam/webidl <webidl@noreply.github.com>
- Message-ID: <heycam/webidl/pull/65/c156492009@github.com>
So I can probably live with the "throw approach" if we can't just kill document.domain. Thanks for talking this through.

Would it be worth throwing in the "potentially trustworthy" distinction here as well? If a context is not even potentially trustworthy (e.g., an "http:" origin), there's no issue with document.domain, so you don't get the raciness. So it seems like you could do something like:

- If the origin is not potentially trustworthy, then don't expose the object
- Otherwise, throw if you're in a non-secure context (either because of framing or because of document.domain)

On Fri, Nov 13, 2015 at 11:39 AM, Boris Zbarsky <notifications@github.com> wrote:

> Note "various other problems". E.g. what if the page has already redefined
> the secure APIs as non-configurable? Now you can't delete them. Should
> document.domain setting fail in that case? What if the page just grabbed
> the relevant functions as in #65 (comment)
> <https://github.com/heycam/webidl/pull/65#issuecomment-156356090>

---
Reply to this email directly or view it on GitHub:
https://github.com/heycam/webidl/pull/65#issuecomment-156492009
Received on Friday, 13 November 2015 17:17:11 UTC
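
The two-step rule proposed in the message above, next to the two problems quoted from Boris Zbarsky (a grabbed function reference and a non-configurable redefinition), as a toy model added here; it is not part of the original e-mail and not WebIDL or browser code. Every name in it (`makeContext`, `secureOp`, `mode`, and so on) is hypothetical.

```javascript
// Toy model (assumption): `win` stands in for a global object and
// `secureOp` for any API restricted to secure contexts.
function makeContext({ trustworthy, framedInsecurely = false, mode }) {
  const state = { domainSet: false };
  const isSecure = () => trustworthy && !framedInsecurely && !state.domainSet;
  const win = {};
  // Step 1: an origin that is not potentially trustworthy never sees the API.
  if (trustworthy) {
    win.secureOp = mode === "throw"
      // Step 2 ("throw approach"): re-check the context on every call.
      ? () => { if (!isSecure()) throw new Error("SecurityError"); return "ok"; }
      // Alternative: no per-call check, rely on deleting the property later.
      : () => "ok";
  }
  return {
    win,
    setDocumentDomain() {
      state.domainSet = true; // the context stops being secure
      // Returns false, without throwing, if the property is non-configurable.
      if (mode === "remove") Reflect.deleteProperty(win, "secureOp");
    },
  };
}

function tryCall(fn) {
  try { return fn(); } catch (e) { return "threw"; }
}

// Problem 1: the page saved a reference before document.domain was set.
function grabbedReference(mode) {
  const ctx = makeContext({ trustworthy: true, mode });
  const grabbed = ctx.win.secureOp;
  ctx.setDocumentDomain();
  return tryCall(grabbed);
}

// Problem 2: the page redefined the API as non-configurable first.
function pinnedProperty(mode) {
  const ctx = makeContext({ trustworthy: true, mode });
  Object.defineProperty(ctx.win, "secureOp", { configurable: false });
  ctx.setDocumentDomain();
  return "secureOp" in ctx.win ? tryCall(ctx.win.secureOp) : "absent";
}

console.log("remove:", grabbedReference("remove"), pinnedProperty("remove"));
console.log("throw: ", grabbedReference("throw"), pinnedProperty("throw"));
```

In this model the deletion strategy leaves both the saved reference and the pinned property callable after `setDocumentDomain()`, while the per-call check rejects both.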