Re: [webcomponents]: Making Shadow DOM Subtrees Traversable

On Mon, Feb 25, 2013 at 6:21 AM, Boris Zbarsky <bzbarsky@mit.edu> wrote:
> On 2/25/13 12:11 AM, Tab Atkins Jr. wrote:
>> We've gone back and forth.  It seems that allowing monkeypatching by
>> default is the better choice, as most uses aren't security conscious
>
> Tab, could you please read and respond to what Blake actually wrote?  He
> didn't mention the word "security" at all.

True, but that's often something that comes up.  Sorry for implying
that was the only concern Blake had.

Still, though, the "private by default" impulse is nearly always
wrong, and contrary to a lot of patterns on the web.  As I alluded to,
and Elliot explicitly said in the 2012 email that Bronislav quotes,
the current status quo, where shadow DOM is hidden from everything
unless you're explicitly looking for it, is necessary for *lots* of
useful and completely benign things.  Because of this, hiding the
shadow is *not* something that's obviously good, and I argue that it
should rarely be necessary in the first place.

If you want high integrity (not security - this is a much broader
concept), it's expensive.  This is always true, because low-integrity
things are *useful*, and people often try to reach for high-integrity
without thinking through its downsides.

~TJ

Received on Monday, 25 February 2013 17:39:36 UTC