Brendan Eich wrote: > Mark S. Miller wrote: >> On Sun, Feb 19, 2012 at 12:33 AM, Brendan Eich <brendan@mozilla.com >> <mailto:brendan@mozilla.com>> wrote: >> [...] >> >> Why the global object? Because for many VMs, each global has its >> own heap or sub-heap ("compartment"), and all references outside >> that heap are to local proxies that copy from, or in the case of >> immutable data, reference the remote heap. >> [...] >> >> Is this true for same origin iframes? I have always assumed that >> mixing heaps between same origin iframes results in unmediated direct >> object-to-object access. If these are already mediated, what was the >> issue that drove us to that? > > Not all engines mediate cross-same-origin-window accesses. Sorry, I misused "mediate" incorrectly here to mean heap/compartment isolation. All engines in browsers that conform to HTML5 must mediate cross-frame Window (global object) accesses via WindowProxy, as discussed in other followups. > I hear IE9+ may, indeed rumor is it remotes to another process > sometimes (breaking run-to-completion a bit; something we should > explore breaking in the future for window=vat). (Hope that parenthetical aside has you charged up -- we need a fresh thread on that topic, though... ;-) /beReceived on Sunday, 19 February 2012 23:12:07 UTC
This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:37:46 UTC