- From: Ian Hickson <ian@hixie.ch>
- Date: Tue, 19 Feb 2008 09:07:19 +0000 (UTC)
- To: Anne van Kesteren <annevk@opera.com>
- Cc: Boris Zbarsky <bzbarsky@mit.edu>, Lachlan Hunt <lachlan.hunt@lachy.id.au>, public-webapi@w3.org
On Tue, 19 Feb 2008, Anne van Kesteren wrote: > > > > My suggestion was to allow the implementation to throw as soon as it > > detects any sort of misbehavior from the NSResolver. Anne didn't like > > it. Given that the implementation isn't allowed to do this, what _is_ > > it allowed to do to comply with the "deal with broken or malicious > > NSResolvers" text? > > I think it has to go like this: > > 1. Get default namespace / resolve namespace prefixes > 2. Run the group of selectors over the "current" DOM > > And I like to believe that this is what the specification requires. But > maybe we should make it explicit in the method section that step 1 has > to happen first and that user agents are not allowed to do both at the > same time. So even prefixes that are never going to match in the current document have to be checked? e.g. if the document has no child element that has no siblings, and the author does this: :not(a1|*):not(a2|*):not(a3|*):not(a4|*):not(a5|*) > :only-child, ...do we have to call NSResolver for a1..a5, even though we know no element will ever mach that selector, just in case the resolver mutates the document at some point to make it that an element matches it? That seems like optimising for the wrong case in a pretty big way. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Tuesday, 19 February 2008 09:07:33 UTC