- From: <bugzilla@jessica.w3.org>
- Date: Mon, 10 Feb 2014 16:37:53 +0000
- To: public-webapps-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=24603 --- Comment #3 from Boris Zbarsky <bzbarsky@mit.edu> --- Sure. If we do that we need to make all the relevant algorithms robust to script randomly doing unexpected things. E.g. getting the value from an input can change the values of other inputs if it's done in arbitrary script.... The way input is implemented in practice, in ES terms, is that it has private slot (closure variable, weakmap entry, whatever) that stores a value string, and various form operations can retrieve that string without running any untrusted (from the point of view of the form) script in the process. Whatever setup we come up with for explaining input would be best if it preserved those invariants.... -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Monday, 10 February 2014 16:37:54 UTC