Re: [whatwg] Spec for location object needs to make some properties unforgeable; need supporting WebIDL changes from Ian Hickson on 2012-11-20 (public-whatwg-archive@w3.org from November 2012)

From: Ian Hickson <ian@hixie.ch>
Date: Tue, 20 Nov 2012 01:40:58 +0000 (UTC)
To: Boris Zbarsky <bzbarsky@MIT.EDU>
Cc: whatwg <whatwg@lists.whatwg.org>
Message-ID: <Pine.LNX.4.64.1211200138210.26354@ps20323.dreamhostps.com>

On Tue, 25 Sep 2012, Boris Zbarsky wrote:
>
> Turns out, some things care about at least the .href and .toString of 
> Location objects for security-check purposes.  So they need to be 
> unforgeable.  But of course WebIDL doesn't provide a way to make 
> anything other than readonly attributes unforgeable.  It seems like it 
> needs to.

I'm going to assume heycam is going to add an interface-level 
[Unforgeable] annotation that does this.

   https://www.w3.org/Bugs/Public/show_bug.cgi?id=20008

I've updated HTML accordingly.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Tuesday, 20 November 2012 02:38:26 UTC