- From: Hayato Ito <notifications@github.com>
- Date: Thu, 03 Dec 2015 20:00:28 -0800
- To: w3c/webcomponents <webcomponents@noreply.github.com>
Received on Friday, 4 December 2015 04:01:01 UTC
Thank you for the feedback. Let me share my thoughts: - Shadow DOM is not a mechanism which provides security, as of now. That's not a design goal to me. Don't rely on Shadow DOM if you want a true *security*. - I think iframe is not a good analogy for closed Shadow DOM. Rather, built-in `<video>` elements or `<details>/<summary>` element might be a good analogy for closed Shadow DOM. They uses Shadow DOM internally as their implementation, in Blink, at least. Web developers can't access these kinds of *hidden* Shadow DOM from scripts in any way. I've designed the closed mode shadow tree in a similar way so that web developers can have a power to create such an element. BTW, we've already decided to add a closed mode. Th remaining task in this issue, #100, is to decide its API. e.g. "visible/hidden" vs "open/closed" You might want to file a new issue so that we can isolates each concern. --- Reply to this email directly or view it on GitHub: https://github.com/w3c/webcomponents/issues/100#issuecomment-161867941
Received on Friday, 4 December 2015 04:01:01 UTC