- From: Ian Hickson <ian@hixie.ch>
- Date: Wed, 9 Jan 2013 21:28:02 +0000 (UTC)
- To: Adam Barth <w3c@adambarth.com>
- Cc: whatwg <whatwg@lists.whatwg.org>, Boris Zbarsky <bzbarsky@mit.edu>
On Wed, 9 Jan 2013, Adam Barth wrote: > > The Document interface (which is what we started this thread discussing) > is never visible across origins and so does not have any of these > complexities. Actually Document objects can be visible across origins per spec, but none of their properties ever are. The four magic interfaces are Window, Document, Storage, and Location. They each have slightly different magic. But as far as this thread goes, the solution for all four is basically the same; calling code on any of them should just run the same check as is run when access properties on them. I'm happy to spec this, but IMHO the right spec is for WebIDL to introduce some hook I can use to make sure I catch all the relevant places. I don't really want the HTML spec to enumerate all the things here like getters and setters and methods and so forth that are relevant, I'd like it to just hook all of them at once, providing the algorithm for each of the above four interfaces, just like we do now for direct accesses. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 9 January 2013 21:28:28 UTC