[webcomponents] [Shadow]: Method for selecting data inside closed shadow root (#378)

In the current Shadow DOM api, assuming we have a shadow tree that can have the following representation: 

```html
<some-public-shadow-host>
  <its-open-shadow-root>
    <div id=need-to-know>37</div>
  <its-open-shadow-root>
</some-public-shadow-host>
```
Then the following access is possible:

```js
const 
  holder = publicHost.shadowRoot.querySelector( '#need-to-know' ),
  val = parseInt( holder.innerText );

doSomethingUseful( val );
```

In the new Shadow DOM api ( v 1 ), if we:

```js
privateHost.createShadowRoot( { mode : 'closed' } );
```

How can we access the value at `#need-to-know` ? 

# Some ideas

## Hard, origin boundary 

```js
privateHost.shadowRoot.querySelector( `#need-to-know` );
// throws IllegalAccessException( 'The closed shadow root was created by a script from origin XXXX, which does not match the origin of the script trying to access it. Therefore the access was not allows.' );
```

Some code, such as that running in Chrome extensions and apps with the correct site permissions ( such as XXXX, or <all_urls> ) would be able to access the shadow. 

## Soft, key boundary

```js
privateHost.shadowRoot.querySelector( `#need-to-know` );
// > null
// but
privateHost.shadowRoot.querySelector( `#need-to-know`, { key } );
// > NodeList
```

where `key` is: 

```js
const key = 'football';
privateHost.createShadowRoot( { mode: closed, key } );
```

In this case, again,  code ( such as running in Chrome apps or extensions ) works to be able to access, regardless of key.

## Very soft, symbol boundary

In this case a closed shadow root isn't private at all. It just isn't available as a string named property. Instead, it's a symbol property. 

```js
semiPrivateHost[ Symbol.closedShadow ].querySelector( '#need-to-know' );
// > NodeList
```

Which even if it's not a standard symbol property attached to `Symbol`, could still be accessed via, `Object.getOwnPropertySymbols`

## What's this all about?

These are not really proposals. Only questions about how to access the content of Shadow in the new v 1 api. 

I'm concerned that extensions and apps still have access to otherwise closed shadows, so that Chrome browsers can be usefully automated, without needing to recompile them specially from source and remove any restrictions to accessing shadow roots resulting from Shadow DOM v 1. 

It may be reasonable to say such restrictions are unlikely, since such an inaccessible-to-Chrome-code restriction would be weightier than even iframe boundary restrictions, and cross origin restrictions, which are accessible from Chrome code. 

At the same time, Shadow DOM is a new technology, as is web components, and as such the development trajectory is still unknown. 



---
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webcomponents/issues/378

Received on Wednesday, 3 February 2016 13:52:37 UTC