Re: Component Model is not an Isolation Model

On Wed, Mar 9, 2011 at 7:17 PM, Boris Zbarsky <bzbarsky@mit.edu> wrote:

> On 3/9/11 7:30 PM, Dimitri Glazkov wrote:
>
>> From the perspective of the component, the isolation is unfairly
>>>
>> punishing -- you can't use the outside DOM or even DOM element on
>> which you're hoisted, you can't add methods to it, and you have to
>> always imagine the membrane in order to build a proper mental model of
>> what the heck you're trying to accomplish.
>>
>
> This is sort of a requirement for being able to use components that you
> don't trust to arbitrarily mess with your DOM though, no?
>

We already have very complicated security mechanisms for frames, and the
history of the Web tells us that it's really hard to get them right.  Why
can't we reuse the same mechanism instead of introducing new one?  Isn't it
as simple as putting an iframe in your component, no?

- Ryosuke

Received on Thursday, 10 March 2011 03:30:51 UTC