Re: [webcomponents]: Scope of <link rel=components>, was: Naming the Baby

On Thu, 28 Mar 2013 20:27:11 +0100, Anne van Kesteren <>  

> On Tue, Mar 26, 2013 at 3:59 PM, Dimitri Glazkov <>  
> wrote:
>> After all resources are loaded and processed, we'll need to process
>> <element> instances, in reverse order of loading. Processing means:
>> 1) Registering a custom element, specified by this <element>. This
>> will involve running its children <script> elements with some special
>> rules.
>> 2) Running element upgrade:
>> As for the fetching security model, I have a bug for this:
>> Please guide me,
>> would love your fetch-spec-writing experience :)
>> As an additional wrinkle, the webdevs really want this:
> I guess what mostly strikes me as weird is that we're again
> introducing cross-origin scripts that execute with your principals.
> That seems bad.

Why don't we use <script> as the mechanism to import a component?

e.g. <script import="url"></script>

> Assuming we don't find anything better, lets make it clear
> (monkeypatch for now, I'll create a way) that https -> http fails (we
> might even want https+EV requires https+EV linking although I'm not
> sure if you gain much by that). That you really have to trust who you
> import (suspect the likelyhood of that helping to be close to zero,
> but who knows).

Simon Pieters
Opera Software

Received on Wednesday, 3 April 2013 07:38:14 UTC