W3C home > Mailing lists > Public > public-script-coord@w3.org > January to March 2016

Re: [SecureContext] - throw or hide

From: Boris Zbarsky <bzbarsky@mit.edu>
Date: Mon, 21 Mar 2016 08:57:52 -0400
To: Anne van Kesteren <annevk@annevk.nl>, Jonathan Watt <jwatt@jwatt.org>, Richard Barnes <rbarnes@mozilla.com>, Martin Thomson <mt@mozilla.com>
Cc: public-script-coord <public-script-coord@w3.org>
Message-ID: <56EFEFD0.2050704@mit.edu>
On 3/21/16 4:53 AM, Anne van Kesteren wrote:
> I think it's mostly Richard and Martin that favor tying this to exposure.

And me, for what it's worth.  I strongly believe we should not be 
exposing attribute getters that are 100% guaranteed to throw when called.

> I think that only works well for new APIs. We'd then still need
> something for legacy APIs we want to limit to secure contexts (maybe
> just prose).

Why?   That is, why do you think it's more web-compatible to make an API 
that's feature-detected as present throw than to make it feature-detect 
as not present and hence trigger polyfills.

> I tend to think we should just do whatever is least complicated

And most likely to actually be shippable, yes.

Received on Monday, 21 March 2016 12:58:23 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:25 UTC