- From: Ryosuke Niwa <notifications@github.com>
- Date: Fri, 12 May 2017 14:55:21 -0700
- To: w3c/webcomponents <webcomponents@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/webcomponents/issues/640/301194929@github.com>
>> We need a refutable statement. > > I'll give you ~four~(edit:) five: > * With closed shadow roots, the DOM is no longer generic, well-specified and powerful enough to read and modify the document in the ways the page's scripts can as a whole. This is demonstratively false. You can simply override `Element.prototype.attachShadow` to do the same. But more importantly, the whole point of shadow DOM is to provide encapsulation. Encapsulation by definition hides information of each component from the rest. This is a feature, not a bug. > * It is a waste of implementers' time and effort to each discover the limited access and develop a non-standard workaround. Why is not being able to access a shadow tree's content considered a limitation and something that requires a workaround? This isn't really a refutable but rather an opinion. > * It is a waste of developers' time and effort to each discover the limited access, request a non-standard workaround and/or work out how it should be used. Ditto. > * The protection that the component developer is given from the document's author are illusory. Illusory as in they can work around by overriding `Element.prototype.attachShadow`, or any other method in the same global? That is the limitation of the ECMAScript, not DOM. If ECMAScript provided a way to get a separate realm (and its own global object), or had a reliable way to get the original builtin functions, the protection would not be illusory. > * (edit:) Closed shadow DOMs let any developer create arbitrary self-contained, undocumented extensions to the DOM. The average developer cannot be relied upon to do this usefully, compatibly or well. This seems like an argument against any average developer writing any component at all. It doesn't matter whether a component uses a shadow tree or not since any component can be ill-formed. FWIW, a component can be written using a cross-origin iframe or a canvas element in which case nobody else wouldn't have access to its content even today. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/webcomponents/issues/640#issuecomment-301194929
Received on Friday, 12 May 2017 21:55:53 UTC