On Fri, Feb 14, 2014 at 5:17 PM, Alex Russell <slightlyoff@google.com>wrote: > On Fri, Feb 14, 2014 at 3:56 PM, Ryosuke Niwa <rniwa@apple.com> wrote: > >> [...] > We all agree it's not a security boundary and you can go through great >> lengths to get into the ShadowRoot if you really wanted, all we've done by >> not exposing it is make sure that users include some crazy >> jquery-make-shadows-visible.js library so they can build tools like Google >> Feedback or use a new framework or polyfill. >> >> >> I don’t think Google Feedback is a compelling use case since all >> components on Google properties could simply expose “shadow” property >> themselves. >> > > So you've written off the massive coordination costs of adding a uniform > to all code across all of Google and, on that basis, have suggested there > isn't really a problem? ISTM that it would be a multi-month (year?) project > to go patch every project in google3 and then wait for them to all deploy > new code. > > Perhaps you can imagine a simpler/faster way to do it that doesn't include > getting owners-LGTMs from nearly every part of google3 and submitting tests > in nearly every part of the tree?? > > Please also note that Google Feedback's screenshot technology works fine on many non-Google web pages and is used in situations that are not on Google controlled properties. If we're going to ask the entire web to expose ".shadow" by convention so things like Google Feedback or Readability can work we might as well just expose it in the platform. - E
Received on Saturday, 15 February 2014 01:55:53 UTC