W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2012

Re: [webcomponents]: Making Shadow DOM Subtrees Traversable

From: Boris Zbarsky <bzbarsky@MIT.EDU>
Date: Thu, 01 Nov 2012 12:02:22 -0400
Message-ID: <50929D0E.5050209@mit.edu>
To: public-webapps@w3.org
On 11/1/12 7:41 AM, Tab Atkins Jr. wrote:
> There was no good *reason* to be private by default

Yes, there was.  It makes it much simpler to author non-buggy 
components.  Most component authors don't really contemplate how their 
code will behave if someone violates the invariants they're depending on 
in their shadow DOMs.  We've run into this again and again with XBL.

So pretty much any component that has a shadow DOM people can mess with 
but doesn't explicitly consider that it can happen is likely to be very 
broken.  Depending on what exactly it does, the brokenness can be more 
or less benign, ranging from "doesn't render right" to "leaks private 
user data to the world".

> As a general rule, we should favor being public over
> being private unless there's a good privacy or security reason to be
> private.

As a general rule we should be making it as easy as possible to write 
non-buggy code, while still allowing flexibility.  In my opinion.

Received on Thursday, 1 November 2012 16:02:55 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:13:47 UTC