- From: Anne van Kesteren <notifications@github.com>
- Date: Mon, 18 Feb 2019 14:01:29 +0000 (UTC)
- To: heycam/webidl <webidl@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 18 February 2019 14:01:53 UTC
annevk commented on this pull request. > @@ -13446,6 +13446,12 @@ agents in referencing specifications be linked to the </blockquote> +<h2 id="priv-sec">Privacy and Security Considerations</h2> + +This specification introduces no privacy or security considerations, as it is defining a +meta-language that is used to write specifications that actually define features. I think we should say something about the nature of IDL. That it defines a security boundary of sorts between ECMAScript and IDL values and that not implementing the conversion layer correctly can lead to security issues. As well as not fully understanding the implications of object/any or [AllowShared]. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/heycam/webidl/pull/647#pullrequestreview-204801547
Received on Monday, 18 February 2019 14:01:53 UTC