Re: Component Model is not an Isolation Model

On Thu, Mar 10, 2011 at 4:17 PM, Boris Zbarsky <bzbarsky@mit.edu> wrote:

> 1)  Cross-site components are safe to use.
> 2)  You can't screw up and depend on implementation details of a
>    component, because if you're calling something the component
>    provides then you're using APIs the component explicitly exposed.
>

#2 --- protecting components from the enclosing document --- should
definitely be supported by the component model IMHO. Without that, it's more
difficult to update components over time.

I'm less enthusiastic about #1. In many situations, perhaps most, developers
can choose to trust a component and host it themselves, and there's no
problem. Some "widget" use cases can be solved with IFRAMEs instead. What
use cases for cross-site component loading are left?

Rob
-- 
"Now the Bereans were of more noble character than the Thessalonians, for
they received the message with great eagerness and examined the Scriptures
every day to see if what Paul said was true." [Acts 17:11]

Received on Thursday, 10 March 2011 09:59:43 UTC