W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2011

Re: Component Model is not an Isolation Model

From: Dimitri Glazkov <dglazkov@chromium.org>
Date: Thu, 10 Mar 2011 13:59:55 -0800
Message-ID: <AANLkTi=TaX6XDB10N=Asj=va4hTtJquAh-hgfGB9WxBV@mail.gmail.com>
To: robert@ocallahan.org
Cc: Boris Zbarsky <bzbarsky@mit.edu>, public-webapps <public-webapps@w3.org>
On Thu, Mar 10, 2011 at 1:59 AM, Robert O'Callahan <robert@ocallahan.org> wrote:
> On Thu, Mar 10, 2011 at 4:17 PM, Boris Zbarsky <bzbarsky@mit.edu> wrote:
>> 1)  Cross-site components are safe to use.
>> 2)  You can't screw up and depend on implementation details of a
>>    component, because if you're calling something the component
>>    provides then you're using APIs the component explicitly exposed.
> #2 --- protecting components from the enclosing document --- should
> definitely be supported by the component model IMHO. Without that, it's more
> difficult to update components over time.

Yes indeed. The component model must provide a uniform way to declare
component APIs.

> I'm less enthusiastic about #1. In many situations, perhaps most, developers
> can choose to trust a component and host it themselves, and there's no
> problem. Some "widget" use cases can be solved with IFRAMEs instead. What
> use cases for cross-site component loading are left?
> Rob
> --
> "Now the Bereans were of more noble character than the Thessalonians, for
> they received the message with great eagerness and examined the Scriptures
> every day to see if what Paul said was true." [Acts 17:11]
Received on Thursday, 10 March 2011 22:01:32 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:30 UTC