On Thu, Mar 10, 2011 at 4:17 PM, Boris Zbarsky <bzbarsky@mit.edu> wrote: > 1) Cross-site components are safe to use. > 2) You can't screw up and depend on implementation details of a > component, because if you're calling something the component > provides then you're using APIs the component explicitly exposed. > #2 --- protecting components from the enclosing document --- should definitely be supported by the component model IMHO. Without that, it's more difficult to update components over time. I'm less enthusiastic about #1. In many situations, perhaps most, developers can choose to trust a component and host it themselves, and there's no problem. Some "widget" use cases can be solved with IFRAMEs instead. What use cases for cross-site component loading are left? Rob -- "Now the Bereans were of more noble character than the Thessalonians, for they received the message with great eagerness and examined the Scriptures every day to see if what Paul said was true." [Acts 17:11]
Received on Thursday, 10 March 2011 09:59:43 UTC