- From: Wilco Fiers <notifications@github.com>
- Date: Thu, 07 Dec 2017 10:18:30 +0000 (UTC)
- To: whatwg/dom <dom@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 7 December 2017 10:18:57 UTC
I think the security concern that was raised, being able to cancel handlers, isn't a particularly strong one. If you want to cancel events and you've got access to the node, all you need to do is clone it and replace the original with the clone. The DOM wasn't built with any sort of boundaries in it. Security boundaries are built around the page, not within parts of it. I think just in general, testability is improved with this API, not just for axe-core (Which I work on, like Marcy). I think any time you can set something without having the ability to check that it's there is a bad sign for your API. It requires you to track side-effects instead, which leads to brittle tests. The original argument also has a lot going for it IMO. If just about every major library has to build its own method of tracking events are listened for where, that's a pretty good indication that a feature is missing. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/dom/issues/412#issuecomment-349924333
Received on Thursday, 7 December 2017 10:18:57 UTC