W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2011

Re: Component Model: Landing Experimental Shadow DOM API in WebKit

From: Dimitri Glazkov <dglazkov@chromium.org>
Date: Wed, 29 Jun 2011 09:59:47 -0700
Message-ID: <CADh5Ky3BJFp48DESJ=kQWjA7v5JXsec2g1y3Uez6xgD+VP_3Ag@mail.gmail.com>
To: Boris Zbarsky <bzbarsky@mit.edu>
Cc: public-webapps@w3.org
On Wed, Jun 29, 2011 at 9:41 AM, Boris Zbarsky <bzbarsky@mit.edu> wrote:
> On 6/29/11 12:08 PM, Dimitri Glazkov wrote:
>>
>> 2) There is no separation between internal
>> (http://dev.w3.org/2006/xbl2/#xblimplementation) and external objects,
>> since we decided to push isolation into its own spec.
>
> I still think this is a mistake that will come back and bite as as we try to
> bolt on security features after the fact...

I am keenly aware of the security implications when proposing this
API. The separation between external and internal object will still be
necessary for the isolation model, but exposing the shadow property is
not preventing it from happening. It will just return null when the
membrane is in place.

>
>> The TreeScope is a formalization of a shadow scope construct
>> (http://dev.w3.org/2006/xbl2/#shadow-scope).
>>
>> Thoughts, comments are appreciated.
>
> I'm not sure your IDL for TreeScope actually works; check with Cameron?  In
> particular, it's trying to put Node twice on Document...

Ah yes -- I didn't know how to express this in IDL. The Node comes to
Document by way of TreeScope. It's not a multiple inheritance.

>
> -Boris
>
>
Received on Wednesday, 29 June 2011 17:00:13 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:45 GMT