- From: Dimitri Glazkov <dglazkov@chromium.org>
- Date: Wed, 29 Jun 2011 09:59:47 -0700
- To: Boris Zbarsky <bzbarsky@mit.edu>
- Cc: public-webapps@w3.org
On Wed, Jun 29, 2011 at 9:41 AM, Boris Zbarsky <bzbarsky@mit.edu> wrote: > On 6/29/11 12:08 PM, Dimitri Glazkov wrote: >> >> 2) There is no separation between internal >> (http://dev.w3.org/2006/xbl2/#xblimplementation) and external objects, >> since we decided to push isolation into its own spec. > > I still think this is a mistake that will come back and bite as as we try to > bolt on security features after the fact... I am keenly aware of the security implications when proposing this API. The separation between external and internal object will still be necessary for the isolation model, but exposing the shadow property is not preventing it from happening. It will just return null when the membrane is in place. > >> The TreeScope is a formalization of a shadow scope construct >> (http://dev.w3.org/2006/xbl2/#shadow-scope). >> >> Thoughts, comments are appreciated. > > I'm not sure your IDL for TreeScope actually works; check with Cameron? In > particular, it's trying to put Node twice on Document... Ah yes -- I didn't know how to express this in IDL. The Node comes to Document by way of TreeScope. It's not a multiple inheritance. > > -Boris > >
Received on Wednesday, 29 June 2011 17:00:13 UTC