- From: Ian Hickson <ian@hixie.ch>
- Date: Mon, 21 Jul 2008 00:53:06 +0000 (UTC)
- To: Andrew Fedoniouk <news@terrainformatica.com>
- Cc: public-html@w3.org
On Sun, 20 Jul 2008, Andrew Fedoniouk wrote: > > If it will have 'window' then that 'window' will be an object of > different class than traditional 'window'. E.g. there will not be such > thing as window.document. Correct? Right, WindowWorker is what workers see, and WindowBrowsingContext is where window.document can be found. > What methods of the 'window' you want keep, BTW? http://www.whatwg.org/specs/web-workers/current-work/#the-windowworker http://www.whatwg.org/specs/web-workers/current-work/#apis-available > Such things as alert() shall not be available for the script in Worker. > It should not use UI in any manner. Am I right? Right, window.alert() is on WindowBrowsingContext. > > A browsing context is basically a tab or window or iframe. > > Ah, OK. So it is something under the hood of scripting. Like Worker > lives inside operational environment (or inherits that environment) of > its owner. That means for example that Worker works on the same level of > security as its owner. Correct? Actually the security context (effective script origin) is derived from the URL attribute: http://www.whatwg.org/specs/web-workers/current-work/#base-urls In fact I believe that at the moment the script document context of a worker is a concept that isn't used at any point, and is thus redundant. The script browsing context is needed for instance to ensure that a worker started from an iframe with the "sandbox" attribute can't cause notifications to be sent, and stuff like that. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Monday, 21 July 2008 00:53:42 UTC